CN112398878A - Encoding-based stream data transmission anti-leakage method and system - Google Patents

Encoding-based stream data transmission anti-leakage method and system Download PDF

Info

Publication number
CN112398878A
CN112398878A CN202110078341.0A CN202110078341A CN112398878A CN 112398878 A CN112398878 A CN 112398878A CN 202110078341 A CN202110078341 A CN 202110078341A CN 112398878 A CN112398878 A CN 112398878A
Authority
CN
China
Prior art keywords
data
matrix
filling
data frame
frame
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110078341.0A
Other languages
Chinese (zh)
Other versions
CN112398878B (en
Inventor
王帅
朱敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Telecom Easiness Information Technology Co Ltd
Original Assignee
Beijing Telecom Easiness Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Telecom Easiness Information Technology Co Ltd filed Critical Beijing Telecom Easiness Information Technology Co Ltd
Priority to CN202110078341.0A priority Critical patent/CN112398878B/en
Publication of CN112398878A publication Critical patent/CN112398878A/en
Application granted granted Critical
Publication of CN112398878B publication Critical patent/CN112398878B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/0001Systems modifying transmission characteristics according to link quality, e.g. power backoff
    • H04L1/0006Systems modifying transmission characteristics according to link quality, e.g. power backoff by adapting the transmission format
    • H04L1/0007Systems modifying transmission characteristics according to link quality, e.g. power backoff by adapting the transmission format by modifying the frame length
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/0001Systems modifying transmission characteristics according to link quality, e.g. power backoff
    • H04L1/0015Systems modifying transmission characteristics according to link quality, e.g. power backoff characterised by the adaptation strategy
    • H04L1/0019Systems modifying transmission characteristics according to link quality, e.g. power backoff characterised by the adaptation strategy in which mode-switching is based on a statistical approach
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method and a system for preventing leakage in stream data transmission based on coding. The method comprises the following steps: counting the data field length of each data frame in the historical network flow data file to obtain a frame length distribution sequence; obtaining a hierarchical threshold list from the frame length distribution sequence; generating filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold value list; carrying out null filling and matrix bottom filling on the data frame to be processed based on the null filling bits and the filling bit data to obtain a matrix after row filling and mixing; carrying out Hash filling on the matrix after confusion by adopting a Hash function to obtain an encrypted data frame and transmitting the encrypted data frame; and the receiving end divides the received encrypted data frame into a bit data part matrix and a hash value part matrix, and obtains an original data frame after the data frame filled at the bottom of the matrix in the filtered matrix is verified, filtered and removed by the hash value. The invention can avoid the attacker from counting and classifying the streaming data frames on the network level to obtain the private information of the user.

Description

Encoding-based stream data transmission anti-leakage method and system
Technical Field
The invention relates to the field of stream data security transmission, in particular to a method and a system for preventing leakage of stream data transmission based on coding.
Background
With the development of communication technology and multimedia technology, people are not satisfied with the communication of text and voice, and network multimedia applications mainly based on video conferences become more and more extensive. Meanwhile, the large-scale popularization of the fifth generation communication technology also promotes the video conference system to be more intelligent, efficient, convenient and quick, not only comprehensively improves the informatization level of each industry, but also can realize zero-distance communication among all parties. The video conference is a conference service which provides real-time audio and video transmission between remote and multiple points, and video information, voice information, character information and the like in the form of stream data are transmitted and received by multiple parties at any time. However, due to the nature of the stream data: the volume is huge, the value is high, and the process of the video conference is easy to suffer from air interface wireless signal interference and protocol attack. At present, data of a video conference is transmitted by using a fifth generation mobile communication technology, namely, an SSL/TLS protocol is still used for encrypting flow during data transmission, but the flow data protected in this way cannot avoid characteristic analysis of an attacker, namely, the attacker analyzes and obtains statistical characteristic information in captured massive flow data packets, such as a length system distribution matrix of frame bytes, a length distribution matrix of packet bytes, and the like. After specific combination, screening and analysis, the information can reflect the behavior, performance and conference progress of the participants from the side. Therefore, the security of the current streaming data transmission still needs to be improved.
Disclosure of Invention
Therefore, it is necessary to provide a method and a system for preventing leakage of streaming data transmission based on coding, which hide some transmission characteristics causing data leakage problem in data transmission by re-coding the transmitted streaming data, so as to prevent an attacker from counting and classifying streaming data frames on a network level to obtain user private information, thereby protecting the confidentiality of user operation and the security of service.
In order to achieve the purpose, the invention provides the following scheme:
an encoding-based stream data transmission anti-leakage method comprises the following steps:
acquiring a historical network flow data file, and counting the data domain length of each data frame in the historical network flow data file to obtain a frame length distribution sequence;
determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list;
acquiring the data field length of a data frame to be processed, and generating filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list;
carrying out null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a matrix after row filling and mixing;
performing hash filling on the matrix after confusion by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame;
and after receiving the encrypted data frame, a receiving end divides the encrypted data frame into a bit data part matrix and a hash value part matrix, performs hash value verification based on the hash value part matrix, filters the bit data part matrix based on a verification mark sequence generated by a verification result, and removes the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
Optionally, the obtaining of the historical network stream data file and counting the data field length of each data frame in the historical network stream data file to obtain a frame length distribution sequence specifically include:
acquiring a historical network stream data file and a device physical address;
analyzing the historical network stream data file to obtain an analysis character taking a data frame as a unit;
deleting the noise data frame in the analytic character based on the equipment physical address to obtain historical data;
and counting the data field length of each data frame in the historical data to obtain a frame length distribution sequence.
Optionally, the determining, by the frame length distribution sequence, a preset classification parameter to obtain a classification threshold list, and normalizing the classification threshold list to obtain a normalized classification threshold list specifically includes:
determining preset grading parameters according to the frame length distribution sequence, and selecting target data domain lengths from all data domain lengths of the historical data as grading threshold values based on the total number of data frames in the historical data and the preset grading parameters to obtain a grading threshold value list;
normalizing the grading threshold list to obtain a normalized grading threshold list; wherein the content of the first and second substances,
Figure 100002_DEST_PATH_IMAGE001
Figure 20247DEST_PATH_IMAGE002
is the second in the normalized ranking threshold listkThe number of classification thresholds is such that,
Figure 100002_DEST_PATH_IMAGE003
is composed of
Figure 526445DEST_PATH_IMAGE004
When it is established
Figure 100002_DEST_PATH_IMAGE005
The smallest positive integer is taken as the smallest positive integer,
Figure 994467DEST_PATH_IMAGE006
is the first in the ranking threshold listkThe number of classification thresholds is such that,
Figure 100002_DEST_PATH_IMAGE007
and the minimum byte number of the data field of the data frame in the historical data is used.
Optionally, the obtaining the data field length of the data frame to be processed, and generating the padding bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list specifically include:
acquiring the data field length of a data frame to be processed, querying the normalized grading threshold list, and determining the filling length threshold of the data frame to be processed; the filling length threshold value is
Figure 88937DEST_PATH_IMAGE008
When it is established
Figure 100002_DEST_PATH_IMAGE009
Taking the minimum value of the sum of the average values,
Figure 48934DEST_PATH_IMAGE010
Figure 100002_DEST_PATH_IMAGE011
for the data field length of the data frame to be processed,
Figure 451552DEST_PATH_IMAGE012
is a normalized ranked threshold list;
and randomly generating filling bit data with the length of the filling length threshold value.
Optionally, the null-value filling and matrix bottom filling are performed on the data frame to be processed based on the null-value filling bits and the filling bit data, so as to obtain a matrix after row filling and mix the matrix, which specifically includes:
performing matrix conversion on the data domain of the data frame to be processed to obtain a matrix to be processed; the size of the matrix to be processed is (
Figure 100002_DEST_PATH_IMAGE013
(ii) a Wherein the content of the first and second substances,
Figure 39659DEST_PATH_IMAGE014
is composed of
Figure 100002_DEST_PATH_IMAGE015
When it is established
Figure 511223DEST_PATH_IMAGE016
Taking the maximum integer;
filling null values in the matrix to be processed by using null value filling bits to obtain a matrix filled with the null values; the null padding bits have a length of (
Figure 100002_DEST_PATH_IMAGE017
The header of the null padding bit is 1, and the part of the null padding bit except the header is 0;
selecting row filling data from the filling bit data; wherein the content of the first and second substances,
Figure 20833DEST_PATH_IMAGE018
Figure 100002_DEST_PATH_IMAGE019
the data is filled in for the row(s),
Figure 459380DEST_PATH_IMAGE020
in order to fill in the bit data,
Figure 100002_DEST_PATH_IMAGE021
indicating the first in the filler bit data
Figure 229890DEST_PATH_IMAGE022
Bit data of a line and the second
Figure 100002_DEST_PATH_IMAGE023
The following bit data;
determining an amplification matrix from the matrix filled with the null values; the amplification matrix has a size of
Figure 731409DEST_PATH_IMAGE024
Filling the row filling data into the bottom of the amplification matrix to obtain a matrix after row filling;
generating a length of
Figure 197157DEST_PATH_IMAGE005
Marking the matrix after the row filling by adopting the marking sequence to obtain a marked matrix; before the marker sequence
Figure 100002_DEST_PATH_IMAGE025
Each is marked as 1, the
Figure 710833DEST_PATH_IMAGE026
To the first
Figure 539112DEST_PATH_IMAGE005
Each is 0;
the first of the marked matrix
Figure 100002_DEST_PATH_IMAGE027
Go to
Figure 805008DEST_PATH_IMAGE028
Before line random insertion
Figure 100002_DEST_PATH_IMAGE029
In the rows, the obfuscated matrix is obtained.
Optionally, the hash function is used to perform hash filling on the obfuscated matrix, so as to obtain an encrypted data frame and transmit the encrypted data frame, and the method specifically includes:
calculating the hash value of each row of bit data in the confused matrix by adopting a hash function to obtain the length of
Figure 430156DEST_PATH_IMAGE030
Filling the confused matrix with the hash result to obtain a matrix after hash filling; the size of the matrix after hash filling is
Figure 100002_DEST_PATH_IMAGE031
(ii) a A post-hash-padded matrix in a row with the tag sequence 1
Figure 338069DEST_PATH_IMAGE030
The bit is the hash value, and the mark sequence in the matrix after hash filling is the last row of 0
Figure 286433DEST_PATH_IMAGE030
Bits are random values other than the hash value;
and deleting the mark sequence in the matrix after the Hash filling to obtain an amplified matrix, flattening the amplified matrix into a one-dimensional sequence to obtain an encrypted data frame and transmitting the encrypted data frame.
Optionally, after the receiving end receives the encrypted data frame, the receiving end divides the encrypted data frame into a bit data part matrix and a hash value part matrix, performs hash value verification based on the hash value part matrix, filters the bit data part matrix based on a verification flag sequence generated by a verification result, and removes a data frame filled at the bottom of a matrix in the filtered matrix to obtain an original data frame, which specifically includes:
after receiving the encrypted data frame, a receiving end performs matrix conversion on the encrypted data frame, and divides the converted matrix into a bit data part matrix and a hash value part matrix according to columns;
performing hash value verification based on the hash value part matrix, generating a verification mark sequence according to a verification result, and deleting row bit data corresponding to the verification mark sequence of 0 in the bit data part matrix to obtain a filtered matrix;
reading the last row of bit data in the filtered matrix and the first 1 appearing position when the last row of bit data is stored according to the little endian, and according to the position
Figure 189143DEST_PATH_IMAGE032
Updating the last row of bit data to obtain an updated matrix;
Figure 100002_DEST_PATH_IMAGE033
for the last row of bit data after the update,
Figure 895062DEST_PATH_IMAGE034
for the last row of bit data in the filtered matrix,xthe position of the first 1 appearing when the bit data of the last line is stored according to the little endian;
and flattening the updated matrix into a one-dimensional sequence to obtain an original data frame.
Optionally, the deleting the noise data frame in the parsed character based on the device physical address to obtain historical data specifically includes:
detecting a source address and a destination address of each data frame in the analysis characters;
determining a data frame with a source address not equal to the device physical address and a destination address not equal to the device physical address in the parsing character as a noise data frame;
and deleting the noise data frame from the analysis character to obtain historical data.
Optionally, the selecting, based on the total number of data frames in the historical data and the preset classification parameter, a target data field length from all data field lengths of the historical data as a classification threshold to obtain a classification threshold list specifically includes:
sequencing all data field lengths of the historical data in an increasing order to obtain a length sequence;
selecting from the length sequence
Figure 100002_DEST_PATH_IMAGE035
Taking the length of each data field as the length of a target data field and recording the length of each data field to obtain a grading threshold list; wherein the content of the first and second substances,
Figure 216453DEST_PATH_IMAGE035
the length of each data field is the first in the length sequence
Figure 19324DEST_PATH_IMAGE036
Figure 100002_DEST_PATH_IMAGE037
、……、
Figure 767968DEST_PATH_IMAGE038
A data field length;
Figure 100002_DEST_PATH_IMAGE039
is the total number of data frames in the history data,
Figure 77028DEST_PATH_IMAGE040
is a preset grading parameter.
The invention also provides a system for preventing divulgence in stream data transmission based on coding, which comprises:
the data frame length analysis module is used for acquiring a historical network flow data file and counting the data domain length of each data frame in the historical network flow data file to obtain a frame length distribution sequence; determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list;
a data frame length filling confusion module, configured to obtain a data field length of a data frame to be processed, and generate filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list; carrying out null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a matrix after row filling and mixing; performing hash filling on the matrix after confusion by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame;
and the data frame identification module is used for dividing the encrypted data frame into a bit data part matrix and a hash value part matrix after the receiving end receives the encrypted data frame, carrying out hash value verification based on the hash value part matrix, filtering the bit data part matrix based on a verification mark sequence generated by a verification result, and removing the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
Compared with the prior art, the invention has the beneficial effects that:
the invention provides a method and a system for preventing leakage of stream data transmission based on coding.A hierarchical threshold list is generated by a frame length distribution sequence obtained by counting the length of a data domain of each data frame in a historical network stream data file so as to fill the frame length of the data frame in a hierarchical manner; by carrying out frame length filling processing on a data frame data part (a data field of a data frame to be processed) of stream data generated during video conference transmission, the problem that the privacy safety of a user is influenced due to the fact that data transmission characteristics are exposed due to the change of the length of the data frame is avoided; through the verification of the hash value, the filtering and the removal of the data frame filled at the bottom of the matrix, the filled data frame can be ensured to be correctly restored by a receiving end, so that normal communication is facilitated. The invention hides some transmission characteristics causing data leakage problem in data transmission by recoding the transmitted stream data, avoids the attacker from counting and classifying the stream data frames on the network level to obtain the user private information, thereby protecting the secrecy of user operation and the safety of service.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
Fig. 1 is a flowchart of a method for preventing leakage in encoding-based stream data transmission according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a system for preventing disclosure of stream data transmission based on encoding according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
Fig. 1 is a flowchart of a method for preventing leakage in encoding-based stream data transmission according to an embodiment of the present invention.
In this embodiment, taking stream data in a video conference scene as an example, the encoding-based stream data transmission anti-leakage method of this embodiment is wholly divided into three processes:
the data frame length analysis process comprises the following steps:
and generating related segmentation threshold values by counting the length distribution of historical streaming data frames transmitted in the video conference scene so as to facilitate subsequent hierarchical filling. Firstly, historical video network flow data is analyzed through a Scapy sniffing tool, and irrelevant noise data is filtered. The Scapy sniffing tool can analyze the code stream into analysis characters taking the data frames as units, record corresponding timestamps, a transmission source end and a destination end, and filter the data frames irrelevant to the video conference by detecting the data frame source end and the destination end; secondly, counting the frame length distribution sequence of the data frames: sequentially recording the length of each data frame and storing the length in a frame length distribution sequence form; and finally, determining a filling threshold according to the frame length distribution condition of the data frame. The process outputs a padding threshold vector by inputting historical video conference stream data.
Data frame length filling obfuscation:
frame length filling processing is carried out on the data frame data part of the streaming data generated during video conference transmission, so that the data transmission characteristics are prevented from being exposed due to the change of the data frame length, and the privacy safety of a user is prevented from being influenced. First, the data frame hierarchical fill length is analyzed. In order to avoid the situation that the network transmission load is increased due to the filling length of a single data frame so as to influence the transmission efficiency of the data frame, different levels of filling lengths are adopted for different data frames according to a filling threshold vector generated in the length analysis process of the data frames; secondly, randomly generating filling bit data, and filling a data field of the data frame according to a certain rule, wherein the filling of the bit data follows a certain confusion line, so that an attacker cannot obtain original data through cleaning; finally, the HASH function is used to identify the padding data field, so that the padding bits can be efficiently separated at the receiving end. The process outputs the filled and obfuscated data frame by inputting the original data frame.
Data frame identification process:
and ensuring that the filled data frame can be correctly restored by a receiving end so as not to influence the normal communication of the video conference. Firstly, reading a data field of a data frame and restoring the data field into a matrix form, which is helpful for subsequently indexing the hash value and actual bit data; secondly, verifying the hash value: verifying the hash value of each row of the matrix, and filtering the filling data frame according to the hash value; then, removing the extra filling data frame, namely deleting the data frame filled at the tail part of the matrix; and finally, recovering the data field: and the matrix is restored to the original data domain, so that the usability of the data is ensured. The process outputs the original data frame by inputting the filled and obfuscated data frame.
The encoding-based stream data transmission anti-leakage method of the embodiment specifically includes:
step 101: acquiring a historical network flow data file, and counting the data field length of each data frame in the historical network flow data file to obtain a frame length distribution sequence. The historical network stream data file is a network stream data file transmitted in a video conference scene.
The step 101 specifically includes:
1) and reading the historical stream data and the related parameters. The method specifically comprises the following steps: reading historical network stream data files
Figure DEST_PATH_IMAGE041
And device physical address
Figure 670951DEST_PATH_IMAGE042
2) The extraneous noisy data frames are parsed and filtered. The method specifically comprises the following steps: analyzing the historical network stream data file to obtain an analysis character taking a data frame as a unit; deleting the noise data frame in the analysis character based on the equipment physical address to obtain historical data, wherein the historical data specifically comprises the following steps: sequentially detecting the first of the parsed charactersiSource address of data frame
Figure DEST_PATH_IMAGE043
And destination address
Figure 266012DEST_PATH_IMAGE044
(ii) a If it is
Figure 513454DEST_PATH_IMAGE045
Then the data frame is a noise data frame and the data frame is deleted.
Figure 521861DEST_PATH_IMAGE041
Obtaining historical data after analyzing and filtering irrelevant noise
Figure DEST_PATH_IMAGE046
3) And establishing a statistical sequence, and recording the length of each data frame in sequence. If step 3) is performed for the first time, the index range is set to [ 2 ]MINMTU]As an initial statistical sequenceL. Wherein the content of the first and second substances,MTUthe maximum transmission unit, typically 1500,MINis the minimum number of bytes, typically 46, of the data field portion of the data frame. Then, read sequentially
Figure 447704DEST_PATH_IMAGE047
Counting the data field length of the data frame and updating the statistical sequenceLThe method comprises the following specific steps:
31): the data frame is read. If step 31) is performed for the first time, then the assignment is made
Figure 225167DEST_PATH_IMAGE047
Sequence number of medium data framejAnd = 0. Fetch data frames
Figure DEST_PATH_IMAGE048
32): analyzing data frame length and updating statistical sequenceL. Calculating a data field length of a data frame
Figure 112352DEST_PATH_IMAGE049
And updating the statistical sequence
Figure DEST_PATH_IMAGE050
Wherein
Figure 545738DEST_PATH_IMAGE051
The addresses indexed in the sequence are looked up.
33): updating variables
Figure DEST_PATH_IMAGE052
Repeating the steps 31) to 33) until
Figure 12623DEST_PATH_IMAGE053
And finally obtaining a statistical sequence which is the frame length distribution sequence. Therefore, in the step 3), the frame length distribution sequence is obtained by counting the data field length of each data frame in the historical data.
Step 102: and determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list.
The step 102 specifically includes:
firstly, the preset grading parameter is determined by the frame length distribution sequence and the safety requirement
Figure 647522DEST_PATH_IMAGE040
In general, of
Figure DEST_PATH_IMAGE054
The distribution is concentrated when the values are smaller, and the safety requirement is higher.
Then, based on the total number of data frames in the historical data
Figure 174450DEST_PATH_IMAGE055
And said preset rating parameter
Figure 157449DEST_PATH_IMAGE040
And selecting the length of a target data field from all the lengths of the data fields of the historical data as a grading threshold value to obtain a grading threshold value list. The specific determination method of the ranking threshold list comprises the following steps:sequencing all data field lengths of the historical data in an increasing order to obtain a length sequence; selecting from the length sequence
Figure 490341DEST_PATH_IMAGE035
The length of each data field is taken as the length of a target data field and recorded to obtain a hierarchical threshold list
Figure DEST_PATH_IMAGE056
(ii) a Wherein the content of the first and second substances,
Figure 648921DEST_PATH_IMAGE035
the length of each data field is the first in the length sequence
Figure 409067DEST_PATH_IMAGE036
Figure 610854DEST_PATH_IMAGE037
、……、
Figure 606492DEST_PATH_IMAGE038
Length of data field. I.e. finding the length sequence from the frame length distribution sequence
Figure 947474DEST_PATH_IMAGE036
Figure 144100DEST_PATH_IMAGE037
、……、
Figure 836113DEST_PATH_IMAGE038
The data field length of the data frame is recorded in the hierarchical threshold list
Figure 510808DEST_PATH_IMAGE056
In (1).
Finally, normalizing the hierarchical threshold value list to obtain a normalized hierarchical threshold value list
Figure 971876DEST_PATH_IMAGE012
(ii) a Wherein the content of the first and second substances,
Figure 73824DEST_PATH_IMAGE001
Figure 987554DEST_PATH_IMAGE002
is the second in the normalized ranking threshold listkThe number of classification thresholds is such that,
Figure 480588DEST_PATH_IMAGE003
is composed of
Figure 61742DEST_PATH_IMAGE004
When it is established
Figure 69012DEST_PATH_IMAGE005
The smallest positive integer is taken as the smallest positive integer,
Figure 470038DEST_PATH_IMAGE006
is the first in the ranking threshold listkThe number of classification thresholds is such that,
Figure 345590DEST_PATH_IMAGE007
and the minimum byte number of the data field of the data frame in the historical data is used.
Step 103: and acquiring the data field length of the data frame to be processed, and generating filling bit data based on the data field length of the data frame to be processed and the normalized grading threshold list.
The step 103 specifically includes:
first, a data frame to be processed is read
Figure 781250DEST_PATH_IMAGE057
And obtaining the data field length thereof
Figure 225001DEST_PATH_IMAGE011
. The normalized ranked threshold list is then queried
Figure 113323DEST_PATH_IMAGE012
Determining a filling length threshold value of the data frame to be processed; the filling length threshold value is
Figure 667932DEST_PATH_IMAGE008
When it is established
Figure 689590DEST_PATH_IMAGE009
Taking the minimum value of the sum of the average values,
Figure 569821DEST_PATH_IMAGE010
i.e. by
Figure 804494DEST_PATH_IMAGE009
Is a ranking threshold in the normalized ranking threshold list. Finally, filling bit data with the length of the filling length threshold value is randomly generated
Figure DEST_PATH_IMAGE058
I.e. equal probability of each bit being 1 or 0.
Step 104: and carrying out null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a matrix after row filling and mixing. The step is that the data frame to be processed is firstly processed
Figure 100477DEST_PATH_IMAGE057
Converting into a matrix; secondly, filling a data frame at the tail part; finally, the row data is obfuscated and a mark is recorded for each row.
The step 104 specifically includes:
a data frame conversion matrix. The data field of the data frame to be processed is processed
Figure 510730DEST_PATH_IMAGE059
Performing matrix conversion preferentially to obtain a matrix to be processed; the size of the matrix to be processed is (
Figure DEST_PATH_IMAGE060
(ii) a Wherein the content of the first and second substances,
Figure 702808DEST_PATH_IMAGE014
is composed of
Figure 565722DEST_PATH_IMAGE061
When it is established
Figure 261801DEST_PATH_IMAGE016
Taking the maximum integer; .
The matrix null is filled. Filling null values in the matrix to be processed by using null value filling bits to obtain a matrix filled with the null values; the length (number of null values) of the null-value padding bits is: (
Figure DEST_PATH_IMAGE062
The header of the null padding bit is 1, and the part of the null padding bit other than the header is 0.
And filling bit data. Firstly, selecting row filling data from the filling bit data; wherein the content of the first and second substances,
Figure 464243DEST_PATH_IMAGE063
Figure DEST_PATH_IMAGE064
the data is filled in for the row(s),
Figure 358381DEST_PATH_IMAGE065
in order to fill in the bit data,
Figure DEST_PATH_IMAGE066
indicating the first in the filler bit data
Figure 380695DEST_PATH_IMAGE067
Bit data of a line and the second
Figure DEST_PATH_IMAGE068
The following bit data, in which,
Figure 749972DEST_PATH_IMAGE069
express get
Figure 869237DEST_PATH_IMAGE065
All satisfy
Figure DEST_PATH_IMAGE070
Data of (1), if
Figure 793331DEST_PATH_IMAGE071
Absence means no minimum or maximum limit. Then, determining an amplification matrix from the matrix filled with the null values, wherein the size of the amplification matrix is
Figure DEST_PATH_IMAGE072
(ii) a And filling the row filling data into the bottom of the amplification matrix to obtain a matrix after row filling.
The line data is obfuscated. First, a length of
Figure 302941DEST_PATH_IMAGE005
Of (2) a marker sequence
Figure 541155DEST_PATH_IMAGE073
Marking the matrix after the row filling by adopting the marking sequence to obtain a marked matrix; before the marker sequence
Figure 514928DEST_PATH_IMAGE025
Each is marked as 1, the
Figure DEST_PATH_IMAGE074
To the first
Figure 875502DEST_PATH_IMAGE005
Each is 0. Then, the first of the marked matrix
Figure 925936DEST_PATH_IMAGE075
Go to
Figure 967841DEST_PATH_IMAGE005
Before line random insertion
Figure 796120DEST_PATH_IMAGE025
In the rows, the obfuscated matrix is obtained.
Step 105: and performing hash filling on the confused matrix by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame.
The step 105 specifically includes:
the hash function identifies the padding data field. Using hashing (HASH) The function orderly processes each row of bit data in the matrix after confusion
Figure 265278DEST_PATH_IMAGE034
Hash value calculation
Figure DEST_PATH_IMAGE076
Wherein the hash function is not fixed, and the length of the obtained hash result is
Figure 608535DEST_PATH_IMAGE030
A bit. Filling the confused matrix with the Hash result to obtain a Hash filled matrix; the size of the matrix after hash filling is
Figure 454131DEST_PATH_IMAGE077
(ii) a A post-hash-padded matrix in a row with the tag sequence 1
Figure DEST_PATH_IMAGE078
Bit is its hash value
Figure 340179DEST_PATH_IMAGE076
A last row of the hash-filled matrix in which the tag sequence is 0
Figure 242888DEST_PATH_IMAGE030
Bit is the hash value of
Figure 11124DEST_PATH_IMAGE076
And a random value. Deleting the mark sequence in the matrix after the Hash filling to obtain an amplified matrix,
the data frame is normalized. Flattening the amplified matrix into a one-dimensional sequence, and replacing
Figure 129253DEST_PATH_IMAGE057
Data field derived encrypted data frame
Figure 197703DEST_PATH_IMAGE079
And transmitted.
Step 106: and after receiving the encrypted data frame, a receiving end divides the encrypted data frame into a bit data part matrix and a hash value part matrix, performs hash value verification based on the hash value part matrix, filters the bit data part matrix based on a verification mark sequence generated by a verification result, and removes the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
The step 106 specifically includes:
a data field of the normalized data frame. When the receiving end receives the encrypted data frame
Figure DEST_PATH_IMAGE080
Thereafter, by reading the encrypted data frame
Figure 805402DEST_PATH_IMAGE081
Obtain its data field
Figure DEST_PATH_IMAGE082
(ii) a And converted to a size of
Figure 733038DEST_PATH_IMAGE083
Of (2) matrix
Figure DEST_PATH_IMAGE084
. Wherein the content of the first and second substances,
Figure 717174DEST_PATH_IMAGE085
the actual bit data is separated from the hash value. Will matrix
Figure DEST_PATH_IMAGE086
Is divided into columns, wherein the bit data portion matrix is
Figure 580743DEST_PATH_IMAGE087
The hash value part matrix is
Figure DEST_PATH_IMAGE088
And the obtained matrix
Figure 500289DEST_PATH_IMAGE089
The value of each row is stored at a length of
Figure 243117DEST_PATH_IMAGE005
Of (2) a
Figure DEST_PATH_IMAGE090
In (1).
The hash value is verified. Reading matrices in sequence
Figure 906311DEST_PATH_IMAGE091
Each row of bit data of
Figure 542829DEST_PATH_IMAGE034
And sequence
Figure DEST_PATH_IMAGE092
Value of each bit in
Figure 630346DEST_PATH_IMAGE093
Verification of
Figure DEST_PATH_IMAGE094
And if the result is positive, recording 1, otherwise, recording 0. And sequentially storing the sequence in a verification mark sequence
Figure 532574DEST_PATH_IMAGE073
In (1).
The filler data frames are filtered. Reading matrices in sequence
Figure 61775DEST_PATH_IMAGE091
Each row of bit data of
Figure 693745DEST_PATH_IMAGE034
And a label
Figure 282989DEST_PATH_IMAGE095
Value of each bit in
Figure DEST_PATH_IMAGE096
. If it is
Figure 62726DEST_PATH_IMAGE097
If yes, deleting the bit data of the corresponding row in the matrix
Figure 395619DEST_PATH_IMAGE034
. Finally, the size will be
Figure 631164DEST_PATH_IMAGE072
Matrix array
Figure 656889DEST_PATH_IMAGE091
Filter deletion of size: (
Figure DEST_PATH_IMAGE098
Of (2) matrix
Figure 533709DEST_PATH_IMAGE099
(filtered matrix). Wherein the content of the first and second substances,
Figure 404713DEST_PATH_IMAGE016
is composed of
Figure 745696DEST_PATH_IMAGE095
The number of 0 s in (1).
The extra padding data frames are removed. Reading matrix
Figure 801376DEST_PATH_IMAGE099
Last row of bit data
Figure DEST_PATH_IMAGE100
In the read small end sequence
Figure 899914DEST_PATH_IMAGE034
In the first occurrence of 1
Figure 837258DEST_PATH_IMAGE101
. Updating the row of bit data
Figure DEST_PATH_IMAGE102
And deleting the filling data frame to obtain an updated matrix.
And recovering the data field. Flattening the updated matrix into a one-dimensional sequence and replacing
Figure 704851DEST_PATH_IMAGE103
Data field obtaining original data frame
Figure 806799DEST_PATH_IMAGE057
In the embodiment, for the problem of security privacy disclosure of a conference user caused by stream data feature exposure in a network video conference scene, firstly, the length distribution condition and the data security level of data frames in current video conference stream data are analyzed, and a reasonable segmentation threshold value is determined. A data frame grading filling strategy is provided on the basis, and by floating the length characteristics of the data frames, the characteristics of difficulty in identification and cleaning by attackers are achieved while the privacy of the stream data characteristics of the video conference is prevented from being revealed.
The invention also provides a system for preventing leakage of stream data transmission based on coding, and fig. 2 is a schematic structural diagram of the system for preventing leakage of stream data transmission based on coding provided by the embodiment of the invention. Referring to fig. 2, the encoding-based stream data transmission anti-disclosure system of the present embodiment includes:
a data frame length analysis module 201, configured to obtain a historical network stream data file, and count the data field length of each data frame in the historical network stream data file to obtain a frame length distribution sequence; and determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list.
A data frame length filling confusion module 202, configured to obtain a data field length of a data frame to be processed, and generate filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list; carrying out null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a matrix after row filling and mixing; and performing hash filling on the confused matrix by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame.
The data frame identification module 203 is configured to, after the receiving end receives the encrypted data frame, divide the encrypted data frame into a bit data portion matrix and a hash value portion matrix, perform hash value verification based on the hash value portion matrix, filter the bit data portion matrix based on a verification flag sequence generated by a verification result, and remove a data frame filled in the bottom of the matrix in the filtered matrix to obtain an original data frame.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system disclosed by the embodiment, the description is relatively simple because the system corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description.
The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and the core concept of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed. In view of the above, the present disclosure should not be construed as limiting the invention.

Claims (10)

1. An encoding-based stream data transmission anti-leakage method is characterized by comprising the following steps:
acquiring a historical network flow data file, and counting the data domain length of each data frame in the historical network flow data file to obtain a frame length distribution sequence;
determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list;
acquiring the data field length of a data frame to be processed, and generating filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list;
carrying out null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a matrix after row filling and mixing;
performing hash filling on the matrix after confusion by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame;
and after receiving the encrypted data frame, a receiving end divides the encrypted data frame into a bit data part matrix and a hash value part matrix, performs hash value verification based on the hash value part matrix, filters the bit data part matrix based on a verification mark sequence generated by a verification result, and removes the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
2. The encoding-based stream data transmission leakage-prevention method according to claim 1, wherein the obtaining a historical network stream data file, and counting a data field length of each data frame in the historical network stream data file to obtain a frame length distribution sequence specifically includes:
acquiring a historical network stream data file and a device physical address;
analyzing the historical network stream data file to obtain an analysis character taking a data frame as a unit;
deleting the noise data frame in the analytic character based on the equipment physical address to obtain historical data;
and counting the data field length of each data frame in the historical data to obtain a frame length distribution sequence.
3. The encoding-based stream data transmission leakage prevention method according to claim 2, wherein the determining a preset classification parameter from the frame length distribution sequence to obtain a classification threshold list, and performing normalization processing on the classification threshold list to obtain a normalized classification threshold list specifically includes:
determining preset grading parameters according to the frame length distribution sequence, and selecting target data domain lengths from all data domain lengths of the historical data as grading threshold values based on the total number of data frames in the historical data and the preset grading parameters to obtain a grading threshold value list;
normalizing the grading threshold list to obtain a normalized grading threshold list; wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE001
Figure 558996DEST_PATH_IMAGE002
is the second in the normalized ranking threshold listkThe number of classification thresholds is such that,
Figure DEST_PATH_IMAGE003
is composed of
Figure 232554DEST_PATH_IMAGE004
When it is established
Figure DEST_PATH_IMAGE005
The smallest positive integer is taken as the smallest positive integer,
Figure 447766DEST_PATH_IMAGE006
is the first in the ranking threshold listkThe number of classification thresholds is such that,
Figure DEST_PATH_IMAGE007
and the minimum byte number of the data field of the data frame in the historical data is used.
4. The encoding-based stream data transmission anti-leakage method according to claim 3, wherein the obtaining a data field length of a data frame to be processed, and generating padding bit data based on the data field length of the data frame to be processed and the normalized classification threshold list specifically include:
acquiring the data field length of a data frame to be processed, querying the normalized grading threshold list, and determining the filling length threshold of the data frame to be processed; the filling length threshold value is
Figure 537818DEST_PATH_IMAGE008
When it is established
Figure DEST_PATH_IMAGE009
Taking the minimum value of the sum of the average values,
Figure 62340DEST_PATH_IMAGE010
Figure DEST_PATH_IMAGE011
for the data field length of the data frame to be processed,
Figure 957615DEST_PATH_IMAGE012
is a normalized ranked threshold list;
and randomly generating filling bit data with the length of the filling length threshold value.
5. The encoding-based stream data transmission leakage-prevention method as claimed in claim 4, wherein the null padding and matrix bottom padding are performed on the data frame to be processed based on the null padding bits and the padding bit data to obtain a matrix after row padding and perform aliasing, and specifically includes:
performing matrix conversion on the data domain of the data frame to be processed to obtain a matrix to be processed; the size of the matrix to be processed is
Figure DEST_PATH_IMAGE013
(ii) a Wherein the content of the first and second substances,
Figure 101151DEST_PATH_IMAGE014
is composed of
Figure DEST_PATH_IMAGE015
When it is established
Figure 640848DEST_PATH_IMAGE016
Taking the maximum integer;
filling null values in the matrix to be processed by using null value filling bits to obtain a matrix filled with the null values; the null padding bits have a length of
Figure DEST_PATH_IMAGE017
The header of the null padding bit is 1, and the part of the null padding bit except the header is 0;
selecting row filling data from the filling bit data; wherein the content of the first and second substances,
Figure 474287DEST_PATH_IMAGE018
Figure DEST_PATH_IMAGE019
the data is filled in for the row(s),
Figure 591279DEST_PATH_IMAGE020
in order to fill in the bit data,
Figure DEST_PATH_IMAGE021
indicating the first in the filler bit data
Figure 7348DEST_PATH_IMAGE022
Bit data of a line and the second
Figure DEST_PATH_IMAGE023
The following bit data;
determining an amplification matrix from the matrix filled with the null values; the amplification matrix has a size of
Figure 181977DEST_PATH_IMAGE024
Filling the row filling data into the bottom of the amplification matrix to obtain a matrix after row filling;
generating a length of
Figure 595772DEST_PATH_IMAGE005
Marking the matrix after the row filling by adopting the marking sequence to obtain a marked matrix; before the marker sequence
Figure DEST_PATH_IMAGE025
Each is marked as 1, the
Figure 855852DEST_PATH_IMAGE026
To the first
Figure 750646DEST_PATH_IMAGE005
Each is 0;
the first of the marked matrix
Figure DEST_PATH_IMAGE027
Go to
Figure 655148DEST_PATH_IMAGE028
Before line random insertion
Figure DEST_PATH_IMAGE029
In the rows, the obfuscated matrix is obtained.
6. The encoding-based stream data transmission leakage-prevention method as claimed in claim 5, wherein the hash filling is performed on the obfuscated matrix by using a hash function to obtain an encrypted data frame and the encrypted data frame is transmitted, specifically comprising:
calculating the hash value of each row of bit data in the confused matrix by adopting a hash function to obtain the length of
Figure 957953DEST_PATH_IMAGE030
Filling the confused matrix with the hash result to obtain a matrix after hash filling; the size of the matrix after hash filling is
Figure DEST_PATH_IMAGE031
(ii) a A post-hash-padded matrix in a row with the tag sequence 1
Figure 49537DEST_PATH_IMAGE030
The bit is the hash value, and the mark sequence in the matrix after hash filling is the last row of 0
Figure 10671DEST_PATH_IMAGE030
Bits are random values other than the hash value;
and deleting the mark sequence in the matrix after the Hash filling to obtain an amplified matrix, flattening the amplified matrix into a one-dimensional sequence to obtain an encrypted data frame and transmitting the encrypted data frame.
7. The encoding-based stream data transmission leakage-prevention method as claimed in claim 6, wherein the method, after receiving the encrypted data frame at the receiving end, of dividing the encrypted data frame into a bit data part matrix and a hash value part matrix, performing hash value verification based on the hash value part matrix, filtering the bit data part matrix based on a verification flag sequence generated by a verification result, and removing a data frame filled at the bottom of a matrix in the filtered matrix to obtain an original data frame, specifically comprises:
after receiving the encrypted data frame, a receiving end performs matrix conversion on the encrypted data frame, and divides the converted matrix into a bit data part matrix and a hash value part matrix according to columns;
performing hash value verification based on the hash value part matrix, generating a verification mark sequence according to a verification result, and deleting row bit data corresponding to the verification mark sequence of 0 in the bit data part matrix to obtain a filtered matrix;
reading the last row of bit data in the filtered matrix and the first 1 appearing position when the last row of bit data is stored according to the little endian, and according to the position
Figure 831997DEST_PATH_IMAGE032
Updating the last row of bit data to obtain an updated matrix;
Figure DEST_PATH_IMAGE033
for the last row of bit data after the update,
Figure 646981DEST_PATH_IMAGE034
for the last row of bit data in the filtered matrix,xthe position of the first 1 appearing when the bit data of the last line is stored according to the little endian;
and flattening the updated matrix into a one-dimensional sequence to obtain an original data frame.
8. The encoding-based stream data transmission anti-leakage method as claimed in claim 2, wherein the deleting the noise data frames in the parsed characters based on the device physical address to obtain the historical data specifically comprises:
detecting a source address and a destination address of each data frame in the analysis characters;
determining a data frame with a source address not equal to the device physical address and a destination address not equal to the device physical address in the parsing character as a noise data frame;
and deleting the noise data frame from the analysis character to obtain historical data.
9. The encoding-based stream data transmission anti-leakage method according to claim 3, wherein the step of selecting a target data field length from all data field lengths of the historical data as a classification threshold based on the total number of data frames in the historical data and the preset classification parameter to obtain a classification threshold list specifically comprises:
sequencing all data field lengths of the historical data in an increasing order to obtain a length sequence;
selecting from the length sequence
Figure DEST_PATH_IMAGE035
Taking the length of each data field as the length of a target data field and recording the length of each data field to obtain a grading threshold list; wherein the content of the first and second substances,
Figure 960282DEST_PATH_IMAGE035
the length of each data field is the first in the length sequence
Figure 787424DEST_PATH_IMAGE036
Figure DEST_PATH_IMAGE037
、……、
Figure 135360DEST_PATH_IMAGE038
A data field length;
Figure DEST_PATH_IMAGE039
is the total number of data frames in the history data,
Figure 779968DEST_PATH_IMAGE040
is a preset grading parameter.
10. An encoding-based stream data transmission anti-disclosure system, comprising:
the data frame length analysis module is used for acquiring a historical network flow data file and counting the data domain length of each data frame in the historical network flow data file to obtain a frame length distribution sequence; determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list;
a data frame length filling confusion module, configured to obtain a data field length of a data frame to be processed, and generate filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list; carrying out null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a matrix after row filling and mixing; performing hash filling on the matrix after confusion by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame;
and the data frame identification module is used for dividing the encrypted data frame into a bit data part matrix and a hash value part matrix after the receiving end receives the encrypted data frame, carrying out hash value verification based on the hash value part matrix, filtering the bit data part matrix based on a verification mark sequence generated by a verification result, and removing the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
CN202110078341.0A 2021-01-21 2021-01-21 Encoding-based stream data transmission anti-leakage method and system Active CN112398878B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110078341.0A CN112398878B (en) 2021-01-21 2021-01-21 Encoding-based stream data transmission anti-leakage method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110078341.0A CN112398878B (en) 2021-01-21 2021-01-21 Encoding-based stream data transmission anti-leakage method and system

Publications (2)

Publication Number Publication Date
CN112398878A true CN112398878A (en) 2021-02-23
CN112398878B CN112398878B (en) 2021-04-16

Family

ID=74624963

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110078341.0A Active CN112398878B (en) 2021-01-21 2021-01-21 Encoding-based stream data transmission anti-leakage method and system

Country Status (1)

Country Link
CN (1) CN112398878B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113055184A (en) * 2021-03-22 2021-06-29 中国工商银行股份有限公司 Data encryption and decryption method and device
CN113573308A (en) * 2021-09-22 2021-10-29 四川创智联恒科技有限公司 Method and module for improving air interface security

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104392172A (en) * 2014-10-30 2015-03-04 北京科技大学 Embedded industrial system-based security detection method and embedded industrial system-based security detection system
WO2017011046A2 (en) * 2015-04-24 2017-01-19 7Tunnels, Inc. Random cipher pad cryptography
CN109861819A (en) * 2019-03-19 2019-06-07 天津中德应用技术大学 Based on the data ciphering method and decryption method for obscuring encryption block algorithm
CN110784302A (en) * 2018-07-31 2020-02-11 株式会社东芝 Encrypted data generating device, digital signature generating device, data generating device with digital signature and system
CN111259416A (en) * 2020-01-13 2020-06-09 湖北大学 Multi-algorithm security encryption authentication system and method based on FPGA

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104392172A (en) * 2014-10-30 2015-03-04 北京科技大学 Embedded industrial system-based security detection method and embedded industrial system-based security detection system
WO2017011046A2 (en) * 2015-04-24 2017-01-19 7Tunnels, Inc. Random cipher pad cryptography
CN110784302A (en) * 2018-07-31 2020-02-11 株式会社东芝 Encrypted data generating device, digital signature generating device, data generating device with digital signature and system
CN109861819A (en) * 2019-03-19 2019-06-07 天津中德应用技术大学 Based on the data ciphering method and decryption method for obscuring encryption block algorithm
CN111259416A (en) * 2020-01-13 2020-06-09 湖北大学 Multi-algorithm security encryption authentication system and method based on FPGA

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113055184A (en) * 2021-03-22 2021-06-29 中国工商银行股份有限公司 Data encryption and decryption method and device
CN113573308A (en) * 2021-09-22 2021-10-29 四川创智联恒科技有限公司 Method and module for improving air interface security

Also Published As

Publication number Publication date
CN112398878B (en) 2021-04-16

Similar Documents

Publication Publication Date Title
CN112398878B (en) Encoding-based stream data transmission anti-leakage method and system
CN108600414B (en) Equipment fingerprint construction method and device, storage medium and terminal
CN111064678A (en) Network traffic classification method based on lightweight convolutional neural network
CN110417729B (en) Service and application classification method and system for encrypted traffic
CN108199863B (en) Network traffic classification method and system based on two-stage sequence feature learning
CN107959885B (en) Motion detection method of encrypted video
CN113132394B (en) Request processing system, method and device, storage medium and electronic equipment
El-Bendary FEC merged with double security approach based on encrypted image steganography for different purpose in the presence of noise and different attacks
WO2020199603A1 (en) Server vulnerability detection method and apparatus, device, and storage medium
CA2757817A1 (en) A system for and method of targeting broadcast messages
CN114866485A (en) Network traffic classification method and system based on aggregation entropy
CN113472537A (en) Data encryption method, system and computer readable storage medium
WO2016201876A1 (en) Service identification method and device for encrypted traffic, and computer storage medium
CN116486115A (en) Routing data management method based on Internet of things
Yuanzhang et al. A robust packet‐dropping covert channel for mobile intelligent terminals
CN114866657B (en) JPEG image encryption method for selecting plaintext safety and reducing size of ciphertext image file
Teotia et al. Enhancing audio and video steganography technique using hybrid algorithm
US20110123023A1 (en) Apparatus for video encryption by randomized block shuffling and method thereof
CN110912895A (en) Network data flow tracing method based on perceptual hash
CN106534137B (en) Media stream transmission method and device
CN114827671B (en) Streaming media encryption transmission method based on hardware fingerprint
US20230388237A1 (en) System and method for classifying obfuscated traffic flows
CN110557402A (en) abnormal flow detection method and device
CN112565179B (en) Detection method for application layer protocol in encryption agent channel
CN114679606B (en) Video flow identification method, system, electronic equipment and storage medium based on Burst characteristics

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant