CN112398878A - Encoding-based stream data transmission anti-leakage method and system - Google Patents
Legal status: Granted
Classifications
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L1/0007—Systems modifying transmission characteristics according to link quality, e.g. power backoff, by adapting the transmission format by modifying the frame length
- H04L1/0019—Systems modifying transmission characteristics according to link quality, e.g. power backoff, characterised by the adaptation strategy in which mode-switching is based on a statistical approach
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Abstract
The invention discloses an encoding-based method and system for preventing leakage in stream data transmission. The method comprises the following steps: counting the data field length of each data frame in a historical network stream data file to obtain a frame length distribution sequence; deriving a grading threshold list from the frame length distribution sequence; generating filling bit data based on the data field length of the data frame to be processed and the normalized grading threshold list; performing null filling and matrix bottom filling on the data frame to be processed based on the null filling bits and the filling bit data to obtain a row-filled and obfuscated matrix; performing hash filling on the obfuscated matrix with a hash function to obtain an encrypted data frame, and transmitting it; and, at the receiving end, dividing the received encrypted data frame into a bit data part matrix and a hash value part matrix, verifying and filtering the rows by hash value, and removing the data frames filled at the bottom of the filtered matrix to obtain the original data frame. The invention prevents an attacker from counting and classifying stream data frames at the network level to obtain private information of the user.
Description
Technical Field
The invention relates to the field of stream data security transmission, in particular to a method and a system for preventing leakage of stream data transmission based on coding.
Background
With the development of communication technology and multimedia technology, people are no longer satisfied with text and voice communication, and network multimedia applications, chiefly video conferencing, have become widespread. Meanwhile, the large-scale rollout of fifth generation communication technology has made video conference systems more intelligent, efficient and convenient; it has not only raised the level of informatization in every industry but also made zero-distance communication between all parties possible. A video conference is a conference service providing real-time audio and video transmission between multiple remote points, in which video, voice, text and other information in the form of stream data is sent and received by multiple parties at any time. However, stream data is by nature huge in volume and high in value, and a video conference is vulnerable to air-interface wireless signal interference and protocol attacks. At present, video conference data is transmitted over fifth generation mobile communication technology, and the traffic is still encrypted with the SSL/TLS protocol during transmission. Traffic protected in this way cannot, however, escape characteristic analysis by an attacker: the attacker derives statistical characteristics from a large number of captured traffic packets, such as the byte-length distribution matrix of frames and the byte-length distribution matrix of packets. After suitable combination, screening and analysis, this information indirectly reveals the behavior, performance and conference progress of the participants. The security of current stream data transmission therefore still needs to be improved.
Disclosure of Invention
Therefore, it is necessary to provide a method and a system for preventing leakage of streaming data transmission based on coding, which hide some transmission characteristics causing data leakage problem in data transmission by re-coding the transmitted streaming data, so as to prevent an attacker from counting and classifying streaming data frames on a network level to obtain user private information, thereby protecting the confidentiality of user operation and the security of service.
In order to achieve the purpose, the invention provides the following scheme:
an encoding-based stream data transmission anti-leakage method comprises the following steps:
acquiring a historical network flow data file, and counting the data domain length of each data frame in the historical network flow data file to obtain a frame length distribution sequence;
determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list;
acquiring the data field length of a data frame to be processed, and generating filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list;
performing null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a row-filled and obfuscated matrix;
performing hash filling on the obfuscated matrix with a hash function to obtain an encrypted data frame, and transmitting the encrypted data frame;
and after receiving the encrypted data frame, a receiving end divides the encrypted data frame into a bit data part matrix and a hash value part matrix, performs hash value verification based on the hash value part matrix, filters the bit data part matrix based on a verification mark sequence generated by a verification result, and removes the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
Optionally, the obtaining of the historical network stream data file and counting the data field length of each data frame in the historical network stream data file to obtain a frame length distribution sequence specifically include:
acquiring a historical network stream data file and a device physical address;
analyzing the historical network stream data file to obtain an analysis character taking a data frame as a unit;
deleting the noise data frame in the analytic character based on the equipment physical address to obtain historical data;
and counting the data field length of each data frame in the historical data to obtain a frame length distribution sequence.
Optionally, the determining, by the frame length distribution sequence, a preset classification parameter to obtain a classification threshold list, and normalizing the classification threshold list to obtain a normalized classification threshold list specifically includes:
determining preset grading parameters according to the frame length distribution sequence, and selecting target data domain lengths from all data domain lengths of the historical data as grading threshold values based on the total number of data frames in the historical data and the preset grading parameters to obtain a grading threshold value list;
normalizing the grading threshold list to obtain a normalized grading threshold list; wherein is the k-th grading threshold in the normalized grading threshold list, is the smallest positive integer for which holds, is the k-th grading threshold in the grading threshold list, and is the minimum number of bytes in the data field of a data frame in the historical data.
Optionally, the obtaining the data field length of the data frame to be processed, and generating the padding bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list specifically include:
acquiring the data field length of the data frame to be processed, querying the normalized grading threshold list, and determining the filling length threshold of the data frame to be processed; the filling length threshold is the minimum value of when holds, ; is the data field length of the data frame to be processed, and is the normalized grading threshold list;
and randomly generating filling bit data with the length of the filling length threshold value.
Optionally, performing null filling and matrix bottom filling on the data frame to be processed based on the null filling bits and the filling bit data to obtain a row-filled and obfuscated matrix specifically includes:
performing matrix conversion on the data field of the data frame to be processed to obtain a matrix to be processed; the size of the matrix to be processed is (; wherein is the largest integer for which holds;
filling null values in the matrix to be processed with null filling bits to obtain a null-filled matrix; the null filling bits have a length of (; the header of the null filling bits is 1 and the remaining bits are 0;
selecting row filling data from the filling bit data; wherein is the row filling data, is the filling bit data, and denotes the bit data from line to line of the filling bit data;
determining an amplification matrix from the null-filled matrix; the size of the amplification matrix is ;
filling the row filling data into the bottom of the amplification matrix to obtain a row-filled matrix;
generating a marker sequence of length and marking the row-filled matrix with it to obtain a marked matrix; the first entries of the marker sequence are 1, and entries through are 0;
the first of the marked matrixGo toBefore line random insertionIn the rows, the obfuscated matrix is obtained.
Optionally, performing hash filling on the obfuscated matrix with a hash function to obtain an encrypted data frame and transmitting it specifically includes:
calculating the hash value of each row of bit data in the obfuscated matrix with a hash function to obtain a hash result of length ; filling the obfuscated matrix with the hash result to obtain a hash-filled matrix; the size of the hash-filled matrix is ; in the hash-filled matrix, the last bits of a row whose marker sequence value is 1 are the hash value, and the last bits of a row whose marker sequence value is 0 are random values other than the hash value;
deleting the marker sequence from the hash-filled matrix to obtain the amplified matrix, and flattening the amplified matrix into a one-dimensional sequence to obtain the encrypted data frame and transmitting it.
Optionally, after the receiving end receives the encrypted data frame, the receiving end divides the encrypted data frame into a bit data part matrix and a hash value part matrix, performs hash value verification based on the hash value part matrix, filters the bit data part matrix based on a verification flag sequence generated by a verification result, and removes a data frame filled at the bottom of a matrix in the filtered matrix to obtain an original data frame, which specifically includes:
after receiving the encrypted data frame, a receiving end performs matrix conversion on the encrypted data frame, and divides the converted matrix into a bit data part matrix and a hash value part matrix according to columns;
performing hash value verification based on the hash value part matrix, generating a verification mark sequence according to a verification result, and deleting row bit data corresponding to the verification mark sequence of 0 in the bit data part matrix to obtain a filtered matrix;
reading the last row of bit data in the filtered matrix and the position of the first 1 when that row is stored in little-endian order, and updating the last row of bit data according to that position to obtain an updated matrix; is the last row of bit data after the update, is the last row of bit data in the filtered matrix, and x is the position of the first 1 when the last row of bit data is stored in little-endian order;
and flattening the updated matrix into a one-dimensional sequence to obtain an original data frame.
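The padding, obfuscation, hash marking and receiver-side recovery described in the steps above, carried through in code as an added example; this is not the patent's own code. Because this page does not reproduce the formulas, the row width W, the per-row hash (SHA-256 truncated to H bytes), the receiver knowing W and H as shared configuration, and null padding applied at byte granularity (0x80 followed by 0x00, i.e. a 1 bit followed by 0 bits) are all assumptions, and the sample frames are constructed.

```python
"""Matrix padding, obfuscation, hash filling and recovery of a data frame.

Added example, not the patent's own code. Assumed: W bytes per matrix row,
H bytes of SHA-256 kept as the per-row hash value, W and H shared between
sender and receiver, and null padding at byte granularity.
"""
import hashlib
import secrets

W = 8   # bytes per matrix row (assumption)
H = 8   # bytes of per-row hash value kept (assumption)


def to_matrix(data):
    """Data field -> matrix with floor(len/W)+1 rows; the spare bytes of the
    last row hold the null padding: header bit 1, remaining bits 0."""
    rows = len(data) // W + 1
    null_pad = b"\x80" + b"\x00" * (rows * W - len(data) - 1)
    padded = data + null_pad
    return [padded[i * W:(i + 1) * W] for i in range(rows)]


def row_hash(row):
    return hashlib.sha256(row).digest()[:H]


def obfuscate(matrix, n_pad_rows):
    """Amplify the matrix with random padding rows (marker 0) and insert each
    one at a random position among the real rows (marker 1); the relative
    order of the real rows is preserved."""
    tagged = [(row, 1) for row in matrix]
    for _ in range(n_pad_rows):
        pad_row = secrets.token_bytes(W)
        tagged.insert(secrets.randbelow(len(tagged) + 1), (pad_row, 0))
    return tagged


def hash_fill(tagged):
    """Append the row hash to marker-1 rows and a random value to marker-0
    rows, drop the markers and flatten into the encrypted data frame."""
    out = bytearray()
    for row, marker in tagged:
        if marker:
            mark = row_hash(row)
        else:
            mark = secrets.token_bytes(H)
            while mark == row_hash(row):      # a padding row must never verify
                mark = secrets.token_bytes(H)
        out += row + mark
    return bytes(out)


def encode(data, n_pad_rows):
    return hash_fill(obfuscate(to_matrix(data), n_pad_rows))


def decode(frame):
    """Receiver: split every row into its bit-data and hash-value parts, keep
    only rows whose hash verifies, strip the null padding from the last kept
    row (first 1 bit from the little-endian end), and flatten."""
    if len(frame) % (W + H):
        raise ValueError("frame is not a whole number of rows")
    rows = [frame[i:i + W + H] for i in range(0, len(frame), W + H)]
    kept = [r[:W] for r in rows if row_hash(r[:W]) == r[W:]]
    if not kept:
        raise ValueError("no row verified")
    last = kept[-1].rstrip(b"\x00")
    if not last.endswith(b"\x80"):
        raise ValueError("null padding header missing")
    return b"".join(kept[:-1]) + last[:-1]
```

Because the row hash is unkeyed, anyone who can read the plaintext encoded frame can separate the padding rows exactly as decode() does; the background section places this encoding inside an SSL/TLS-protected stream, which is the setting assumed here.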
Optionally, the deleting the noise data frame in the parsed character based on the device physical address to obtain historical data specifically includes:
detecting a source address and a destination address of each data frame in the analysis characters;
determining a data frame with a source address not equal to the device physical address and a destination address not equal to the device physical address in the parsing character as a noise data frame;
and deleting the noise data frame from the analysis character to obtain historical data.
Optionally, the selecting, based on the total number of data frames in the historical data and the preset classification parameter, a target data field length from all data field lengths of the historical data as a classification threshold to obtain a classification threshold list specifically includes:
sequencing all data field lengths of the historical data in an increasing order to obtain a length sequence;
selecting data field lengths from the length sequence as target data field lengths and recording them to obtain a grading threshold list; wherein the data field lengths are the , , ..., -th data field lengths in the length sequence; is the total number of data frames in the historical data, and is a preset grading parameter.
The invention also provides a system for preventing divulgence in stream data transmission based on coding, which comprises:
the data frame length analysis module is used for acquiring a historical network flow data file and counting the data domain length of each data frame in the historical network flow data file to obtain a frame length distribution sequence; determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list;
a data frame length filling and obfuscation module, configured to obtain the data field length of a data frame to be processed and generate filling bit data based on the data field length of the data frame to be processed and the normalized grading threshold list; perform null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a row-filled and obfuscated matrix; and perform hash filling on the obfuscated matrix with a hash function to obtain an encrypted data frame and transmit the encrypted data frame;
and the data frame identification module is used for dividing the encrypted data frame into a bit data part matrix and a hash value part matrix after the receiving end receives the encrypted data frame, carrying out hash value verification based on the hash value part matrix, filtering the bit data part matrix based on a verification mark sequence generated by a verification result, and removing the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
Compared with the prior art, the invention has the beneficial effects that:
The invention provides an encoding-based method and system for preventing leakage in stream data transmission. A grading threshold list is generated from the frame length distribution sequence obtained by counting the data field length of each data frame in a historical network stream data file, so that the frame length of a data frame can be filled in a graded manner. By applying frame length filling to the data part (the data field of the data frame to be processed) of the stream data generated during video conference transmission, data transmission characteristics are no longer exposed by changes in data frame length, and the privacy of the user is protected. Hash value verification, filtering and removal of the data frames filled at the bottom of the matrix ensure that the receiving end can correctly restore the filled data frame, so that normal communication is preserved. By re-encoding the transmitted stream data, the invention hides the transmission characteristics that cause data leakage, prevents an attacker from counting and classifying stream data frames at the network level to obtain private user information, and thereby protects the confidentiality of user operations and the security of the service.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
Fig. 1 is a flowchart of a method for preventing leakage in encoding-based stream data transmission according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a system for preventing disclosure of stream data transmission based on encoding according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
Fig. 1 is a flowchart of a method for preventing leakage in encoding-based stream data transmission according to an embodiment of the present invention.
In this embodiment, taking stream data in a video conference scene as an example, the encoding-based stream data transmission anti-leakage method of this embodiment is wholly divided into three processes:
Data frame length analysis process:
Segmentation thresholds are generated by counting the length distribution of the historical stream data frames transmitted in the video conference scene, so that the subsequent graded filling can use them. First, the historical video network stream data is parsed with the Scapy sniffing tool and irrelevant noise data is filtered out. Scapy parses the code stream into parsed characters with a data frame as the unit and records the corresponding timestamp, transmission source and destination; data frames unrelated to the video conference are filtered by checking the source and destination of each frame. Second, the frame length distribution sequence of the data frames is counted: the length of each data frame is recorded in turn and stored as a frame length distribution sequence. Finally, the filling thresholds are determined from the frame length distribution. This process takes historical video conference stream data as input and outputs a filling threshold vector.
Data frame length filling obfuscation:
Frame length filling is applied to the data part of the stream data frames generated during video conference transmission, so that data transmission characteristics are not exposed by changes in data frame length and the privacy of the user is not affected. First, the graded filling length of the data frame is analyzed. To avoid a single filling length increasing the network transmission load and harming transmission efficiency, different filling lengths are applied to different data frames according to the filling threshold vector produced by the data frame length analysis process. Second, filling bit data is randomly generated and the data field of the data frame is filled according to a fixed rule; the filling of the bit data follows an obfuscation pattern, so that an attacker cannot recover the original data by cleaning. Finally, a hash function is used to mark the filled data field so that the filling bits can be separated efficiently at the receiving end. This process takes the original data frame as input and outputs the filled and obfuscated data frame.
Data frame identification process:
This process ensures that the filled data frame can be correctly restored by the receiving end, so that normal communication in the video conference is not affected. First, the data field of the data frame is read and restored to matrix form, which helps the subsequent indexing of hash values and actual bit data. Second, the hash values are verified: the hash value of each row of the matrix is checked and the filling rows are filtered out according to the result. Then the extra filling rows are removed, that is, the data filled at the tail of the matrix is deleted. Finally, the data field is recovered: the matrix is restored to the original data field, so that the data remains usable. This process takes the filled and obfuscated data frame as input and outputs the original data frame.
The encoding-based stream data transmission anti-leakage method of the embodiment specifically includes:
step 101: acquiring a historical network flow data file, and counting the data field length of each data frame in the historical network flow data file to obtain a frame length distribution sequence. The historical network stream data file is a network stream data file transmitted in a video conference scene.
The step 101 specifically includes:
1) Reading the historical stream data and the related parameters, specifically: reading the historical network stream data file and the device physical address .
2) Parsing and filtering the irrelevant noise data frames, specifically: parsing the historical network stream data file to obtain parsed characters with a data frame as the unit; deleting the noise data frames in the parsed characters based on the device physical address to obtain historical data, which specifically comprises: sequentially detecting the source address and the destination address of the i-th data frame in the parsed characters; if then the data frame is a noise data frame and is deleted. After parsing and filtering the irrelevant noise, the historical data is obtained.
3) Establishing a statistical sequence and recording the length of each data frame in turn. If step 3) is performed for the first time, the index range is set to [MIN, MTU] as the initial statistical sequence L, where MTU is the maximum transmission unit, typically 1500, and MIN is the minimum number of bytes of the data field of a data frame, typically 46. Then the data frames in are read in turn, their data field lengths are counted and the statistical sequence L is updated, specifically as follows:
31): Read a data frame. If step 31) is performed for the first time, the sequence number j of the data frame in is initialized to j = 0. Fetch the data frame .
32): Analyze the data frame length and update the statistical sequence L. Calculate the data field length of the data frame and update the statistical sequence , where looks up the address indexed in the sequence.
33): Update the variable . Repeat steps 31) to 33) until ; the resulting statistical sequence is the frame length distribution sequence. Thus, in step 3), the frame length distribution sequence is obtained by counting the data field length of each data frame in the historical data.
Step 102: and determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list.
The step 102 specifically includes:
First, the preset grading parameter is determined from the frame length distribution sequence and the security requirement. In general, is smaller when the distribution is concentrated and the security requirement is higher.
Then, based on the total number of data frames in the historical data and the preset grading parameter , target data field lengths are selected from all data field lengths of the historical data as grading thresholds to obtain a grading threshold list. The grading threshold list is determined as follows: sort all data field lengths of the historical data in increasing order to obtain a length sequence ; select data field lengths from the length sequence as target data field lengths and record them to obtain the grading threshold list ; wherein the data field lengths are the , , ..., -th data field lengths in the length sequence. That is, the , , ..., -th data field lengths are found in the length sequence derived from the frame length distribution sequence and recorded in the grading threshold list .
Finally, the grading threshold list is normalized to obtain the normalized grading threshold list ; wherein is the k-th grading threshold in the normalized grading threshold list, is the smallest positive integer for which holds, is the k-th grading threshold in the grading threshold list, and is the minimum number of bytes in the data field of a data frame in the historical data.
Step 103: and acquiring the data field length of the data frame to be processed, and generating filling bit data based on the data field length of the data frame to be processed and the normalized grading threshold list.
The step 103 specifically includes:
First, a data frame to be processed is read and its data field length is obtained. The normalized grading threshold list is then queried to determine the filling length threshold of the data frame to be processed; the filling length threshold is the minimum value of for which holds, i.e. , where is a grading threshold in the normalized grading threshold list. Finally, filling bit data with a length equal to the filling length threshold is randomly generated, i.e. each bit is 1 or 0 with equal probability.
Step 104: performing null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data, to obtain a row-filled and obfuscated matrix. In this step the data frame to be processed is first converted into a matrix; secondly, data frames are filled in at the tail; finally, the row data are obfuscated and a mark is recorded for each row.
The step 104 specifically includes:
Data frame conversion into a matrix. The data field of the data frame to be processed is first converted into a matrix to obtain the matrix to be processed ; the size of the matrix to be processed is ; wherein is the maximum integer for which holds.
Matrix null filling. Null values in the matrix to be processed are filled with null filling bits to obtain a null-filled matrix; the length (number of null values) of the null filling bits is ; the header of the null filling bits is 1, and the part of the null filling bits other than the header is 0.
Filling bit data. Firstly, row filling data are selected from the filling bit data; wherein , is the row filling data, is the filling bit data, and denotes the bit data from the -th row to the -th row of the filling bit data, where denotes taking all data satisfying , and the absence of means there is no minimum or maximum limit. Then, an amplification matrix of size is determined from the null-filled matrix, and the row filling data are filled into the bottom of the amplification matrix to obtain the row-filled matrix.
Row data obfuscation. First, a mark sequence of length is generated, and the row-filled matrix is marked with the mark sequence to obtain a marked matrix; the first marks of the mark sequence are 1, and the -th to -th marks are 0. Then, the -th to -th rows of the marked matrix are randomly inserted among the first rows to obtain the obfuscated matrix.
Step 105: and performing hash filling on the confused matrix by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame.
The step 105 specifically includes:
Hash function identification of the filled data field. A hash (HASH) function is used to compute, in order, the hash value of each row of bit data in the obfuscated matrix , where the hash function is not fixed and the hash result has a length of bits. The hash results are filled into the obfuscated matrix to obtain the hash-filled matrix; the size of the hash-filled matrix is ; in a row of the hash-filled matrix whose mark is 1, the last bits are its hash value , and in a row whose mark is 0, the last bits are a random value rather than the hash value . The mark sequence in the hash-filled matrix is deleted to obtain the amplified matrix .
Data frame normalization. The amplified matrix is flattened into a one-dimensional sequence, which replaces the data field of to obtain the encrypted data frame , which is then transmitted.
Step 106: and after receiving the encrypted data frame, a receiving end divides the encrypted data frame into a bit data part matrix and a hash value part matrix, performs hash value verification based on the hash value part matrix, filters the bit data part matrix based on a verification mark sequence generated by a verification result, and removes the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
The step 106 specifically includes:
Data field of the normalized data frame. After the receiving end receives the encrypted data frame , it reads the encrypted data frame to obtain its data field , and converts it into a matrix of size . Wherein , .
Separation of the actual bit data from the hash values. The matrix is divided by columns, where the bit data part matrix is and the hash value part matrix is , and the value of each row of the resulting matrix is stored in a sequence of length .
Hash value verification. Each row of bit data of the matrix and each value of the sequence are read in turn, and is verified; if it holds, 1 is recorded, otherwise 0. The results are stored in turn in the verification mark sequence .
Filtering of the filler data frames. Each row of bit data of the matrix and each value of the mark are read in turn. If holds, the bit data of the corresponding row in the matrix are deleted. Finally, the matrix of size is filtered into a matrix of size (the filtered matrix). Wherein is the number of 0s in .
Removal of the extra padding data frame. The last row of bit data of the matrix is read, and the position of the first 1 in the little-endian reading of the sequence is found. The row of bit data is updated to and the filling data frame is deleted to obtain the updated matrix .
Data field recovery. The updated matrix is flattened into a one-dimensional sequence, which replaces the data field of to obtain the original data frame .
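The sender side of steps 102 to 105 and the receiver side of step 106, as an added Python example that is not the patent's code. It assumes 32-bit matrix rows, a 32-bit HMAC-SHA256 tag under a shared key standing in for the "not fixed" hash, thresholds taken at positions N/g, 2N/g, ..., N of the sorted length sequence and rounded up to whole rows, and that a data field longer than every threshold keeps its own row count; the historical lengths and key are constructed.

```python
import hmac
import hashlib
import math
import secrets
from typing import List

# Assumed parameters (not given on the page): 32-bit matrix rows, a 32-bit keyed
# HMAC-SHA256 tag standing in for the patent's "not fixed" hash, and a demo key.
W = 32                          # bits per matrix row
H = 32                          # bits of tag appended to each row (W + H is byte-aligned)
KEY = b"constructed-demo-key"   # constructed; sender and receiver must share it


def bits(data: bytes) -> str:
    return "".join(f"{b:08b}" for b in data)


def unbits(s: str) -> bytes:
    return int(s, 2).to_bytes(len(s) // 8, "big") if s else b""


def thresholds(hist_lengths: List[int], g: int) -> List[int]:
    """Steps 101-102: grading thresholds from the historical frame-length distribution.

    Assumption: the g thresholds are the lengths at positions N/g, 2N/g, ..., N of
    the sorted length sequence, normalised up to a whole number of rows (W//8 bytes).
    """
    seq = sorted(hist_lengths)
    n, row_bytes = len(seq), W // 8
    raw = [seq[min(n - 1, math.ceil(k * n / g) - 1)] for k in range(1, g + 1)]
    return sorted({math.ceil(t / row_bytes) * row_bytes for t in raw})


def row_tag(row: str) -> str:
    """Keyed per-row hash; only a holder of KEY can tell real rows from filler."""
    return bits(hmac.new(KEY, row.encode(), hashlib.sha256).digest())[:H]


def filler_tag(row: str) -> str:
    """Random value that must not verify as the row's tag (step 105, mark-0 rows)."""
    tag = row_tag(row)
    while tag == row_tag(row):
        tag = f"{secrets.randbits(H):0{H}b}"
    return tag


def encode_frame(field: bytes, thr: List[int]) -> bytes:
    """Steps 103-105: null-pad, add filler rows, shuffle them in, tag every row."""
    data = bits(field)
    # Step 104a: null padding is a 1 followed by zeros up to a full row; at least one
    # padding bit is always present so the receiver can always find the boundary.
    pad = W - len(data) % W
    padded = data + "1" + "0" * (pad - 1)
    real = [padded[i:i + W] for i in range(0, len(padded), W)]
    # Step 103: target length = smallest threshold strictly above the field length
    # (strict because of the mandatory padding bit). Assumption: a field longer than
    # every threshold keeps its own row count instead of being padded.
    fit = [t for t in thr if t > len(field)]
    total = max(len(real), min(fit) * 8 // W) if fit else len(real)
    # Step 104b/c: random filler rows (mark 0) inserted at random positions among the
    # real rows (mark 1); real rows keep their relative order.
    rows = [(r, True) for r in real]
    for _ in range(total - len(real)):
        filler = f"{secrets.randbits(W):0{W}b}"
        rows.insert(secrets.randbelow(len(rows) + 1), (filler, False))
    # Step 105: append the tag column, drop the marks, flatten into the data field.
    return unbits("".join(r + (row_tag(r) if ok else filler_tag(r)) for r, ok in rows))


def decode_frame(enc: bytes) -> bytes:
    """Step 106: verify tags, drop filler rows, strip the null padding."""
    s = bits(enc)
    rows = [s[i:i + W + H] for i in range(0, len(s), W + H)]
    # verification mark sequence: True where the row's tag verifies
    marks = [hmac.compare_digest(row_tag(r[:W]), r[W:]) for r in rows]
    kept = "".join(r[:W] for r, ok in zip(rows, marks) if ok)
    # The padding header is the first 1 seen reading the last row little-endian,
    # i.e. the last '1' of the flattened verified bits.
    cut = kept.rfind("1")
    if cut < 0:
        raise ValueError("no verified rows: wrong key or corrupted frame")
    return unbits(kept[:cut])


if __name__ == "__main__":
    # constructed historical data field lengths (bytes) for the demo
    thr = thresholds([13, 60, 61, 64, 120, 130, 200, 480, 512, 700], g=2)
    for f in (b"hi", b"x" * 119, b"y" * 300):
        enc = encode_frame(f, thr)
        print(len(f), "->", len(enc), decode_frame(enc) == f)
```

Frames of 2 and 119 bytes both leave the sender as 240-byte frames, which is the length-hiding effect the patent aims at; note that a corrupted real row fails verification exactly like filler and is silently dropped, so the per-frame count of failing rows is the integrity signal a receiver should monitor.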
In this embodiment, for the problem of security and privacy disclosure of conference users caused by stream data feature exposure in a network video conference scenario, the length distribution and the data security level of the data frames in the current video conference stream data are first analysed and a reasonable segmentation threshold is determined. On this basis a graded data frame filling strategy is provided: by floating the length characteristics of the data frames, the frames become difficult for an attacker to identify and clean, while leakage of the privacy-bearing stream data characteristics of the video conference is prevented.
The invention also provides a system for preventing leakage of stream data transmission based on coding, and fig. 2 is a schematic structural diagram of the system for preventing leakage of stream data transmission based on coding provided by the embodiment of the invention. Referring to fig. 2, the encoding-based stream data transmission anti-disclosure system of the present embodiment includes:
a data frame length analysis module 201, configured to obtain a historical network stream data file, and count the data field length of each data frame in the historical network stream data file to obtain a frame length distribution sequence; and determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list.
A data frame length filling confusion module 202, configured to obtain a data field length of a data frame to be processed, and generate filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list; carrying out null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a matrix after row filling and mixing; and performing hash filling on the confused matrix by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame.
The data frame identification module 203 is configured to, after the receiving end receives the encrypted data frame, divide the encrypted data frame into a bit data portion matrix and a hash value portion matrix, perform hash value verification based on the hash value portion matrix, filter the bit data portion matrix based on a verification flag sequence generated by a verification result, and remove a data frame filled in the bottom of the matrix in the filtered matrix to obtain an original data frame.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system disclosed by the embodiment, the description is relatively simple because the system corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description.
The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and the core concept of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed. In view of the above, the present disclosure should not be construed as limiting the invention.
Claims (10)
1. An encoding-based stream data transmission anti-leakage method is characterized by comprising the following steps:
acquiring a historical network flow data file, and counting the data domain length of each data frame in the historical network flow data file to obtain a frame length distribution sequence;
determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list;
acquiring the data field length of a data frame to be processed, and generating filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list;
carrying out null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a matrix after row filling and mixing;
performing hash filling on the matrix after confusion by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame;
and after receiving the encrypted data frame, a receiving end divides the encrypted data frame into a bit data part matrix and a hash value part matrix, performs hash value verification based on the hash value part matrix, filters the bit data part matrix based on a verification mark sequence generated by a verification result, and removes the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
2. The encoding-based stream data transmission leakage-prevention method according to claim 1, wherein the obtaining a historical network stream data file, and counting a data field length of each data frame in the historical network stream data file to obtain a frame length distribution sequence specifically includes:
acquiring a historical network stream data file and a device physical address;
analyzing the historical network stream data file to obtain an analysis character taking a data frame as a unit;
deleting the noise data frame in the analytic character based on the equipment physical address to obtain historical data;
and counting the data field length of each data frame in the historical data to obtain a frame length distribution sequence.
3. The encoding-based stream data transmission leakage prevention method according to claim 2, wherein the determining a preset classification parameter from the frame length distribution sequence to obtain a classification threshold list, and performing normalization processing on the classification threshold list to obtain a normalized classification threshold list specifically includes:
determining preset grading parameters according to the frame length distribution sequence, and selecting target data domain lengths from all data domain lengths of the historical data as grading threshold values based on the total number of data frames in the historical data and the preset grading parameters to obtain a grading threshold value list;
normalizing the grading threshold list to obtain a normalized grading threshold list; wherein , is the k-th grading threshold in the normalized grading threshold list, is the smallest positive integer for which holds, is the k-th grading threshold in the grading threshold list, and is the minimum number of bytes of a data field of a data frame in the historical data.
4. The encoding-based stream data transmission anti-leakage method according to claim 3, wherein the obtaining a data field length of a data frame to be processed, and generating padding bit data based on the data field length of the data frame to be processed and the normalized classification threshold list specifically include:
acquiring the data field length of a data frame to be processed, querying the normalized grading threshold list, and determining the filling length threshold of the data frame to be processed; the filling length threshold is the minimum value of for which holds, ; is the data field length of the data frame to be processed, and is the normalized grading threshold list;
and randomly generating filling bit data with the length of the filling length threshold value.
5. The encoding-based stream data transmission leakage-prevention method as claimed in claim 4, wherein the null padding and matrix bottom padding are performed on the data frame to be processed based on the null padding bits and the padding bit data to obtain a matrix after row padding and perform aliasing, and specifically includes:
performing matrix conversion on the data field of the data frame to be processed to obtain a matrix to be processed; the size of the matrix to be processed is ; wherein is the maximum integer for which holds;
filling null values in the matrix to be processed with null filling bits to obtain a null-filled matrix; the null filling bits have a length of ; the header of the null filling bits is 1, and the part of the null filling bits other than the header is 0;
selecting row filling data from the filling bit data; wherein , is the row filling data, is the filling bit data, and denotes the bit data from the -th row to the -th row of the filling bit data;
determining an amplification matrix from the null-filled matrix; the amplification matrix has a size of ;
Filling the row filling data into the bottom of the amplification matrix to obtain a matrix after row filling;
generating a mark sequence of length , and marking the row-filled matrix with the mark sequence to obtain a marked matrix; the first marks of the mark sequence are 1, and the -th to -th marks are 0;
6. The encoding-based stream data transmission leakage-prevention method as claimed in claim 5, wherein the hash filling is performed on the obfuscated matrix by using a hash function to obtain an encrypted data frame and the encrypted data frame is transmitted, specifically comprising:
calculating the hash value of each row of bit data in the obfuscated matrix with a hash function to obtain a hash result of length , and filling the obfuscated matrix with the hash result to obtain a hash-filled matrix; the size of the hash-filled matrix is ; in a row of the hash-filled matrix whose mark is 1 the last bits are the hash value, and in a row whose mark is 0 the last bits are a random value other than the hash value;
and deleting the mark sequence in the matrix after the Hash filling to obtain an amplified matrix, flattening the amplified matrix into a one-dimensional sequence to obtain an encrypted data frame and transmitting the encrypted data frame.
7. The encoding-based stream data transmission leakage-prevention method as claimed in claim 6, wherein the method, after receiving the encrypted data frame at the receiving end, of dividing the encrypted data frame into a bit data part matrix and a hash value part matrix, performing hash value verification based on the hash value part matrix, filtering the bit data part matrix based on a verification flag sequence generated by a verification result, and removing a data frame filled at the bottom of a matrix in the filtered matrix to obtain an original data frame, specifically comprises:
after receiving the encrypted data frame, a receiving end performs matrix conversion on the encrypted data frame, and divides the converted matrix into a bit data part matrix and a hash value part matrix according to columns;
performing hash value verification based on the hash value part matrix, generating a verification mark sequence according to a verification result, and deleting row bit data corresponding to the verification mark sequence of 0 in the bit data part matrix to obtain a filtered matrix;
reading the last row of bit data in the filtered matrix and the position of the first 1 when the last row of bit data is stored in little-endian order, and updating the last row of bit data according to to obtain an updated matrix; is the last row of bit data after the update, is the last row of bit data in the filtered matrix, and x is the position of the first 1 when the last row of bit data is stored in little-endian order;
and flattening the updated matrix into a one-dimensional sequence to obtain an original data frame.
8. The encoding-based stream data transmission anti-leakage method as claimed in claim 2, wherein the deleting the noise data frames in the parsed characters based on the device physical address to obtain the historical data specifically comprises:
detecting a source address and a destination address of each data frame in the analysis characters;
determining a data frame with a source address not equal to the device physical address and a destination address not equal to the device physical address in the parsing character as a noise data frame;
and deleting the noise data frame from the analysis character to obtain historical data.
9. The encoding-based stream data transmission anti-leakage method according to claim 3, wherein the step of selecting a target data field length from all data field lengths of the historical data as a classification threshold based on the total number of data frames in the historical data and the preset classification parameter to obtain a classification threshold list specifically comprises:
sorting all data field lengths of the historical data in increasing order to obtain a length sequence;
selecting data field lengths from the length sequence as target data field lengths and recording them to obtain a grading threshold list; wherein the data field lengths are the -th, -th, ..., -th data field lengths in the length sequence; is the total number of data frames in the historical data, and is a preset grading parameter.
10. An encoding-based stream data transmission anti-disclosure system, comprising:
the data frame length analysis module is used for acquiring a historical network flow data file and counting the data domain length of each data frame in the historical network flow data file to obtain a frame length distribution sequence; determining preset grading parameters according to the frame length distribution sequence to obtain a grading threshold list, and normalizing the grading threshold list to obtain a normalized grading threshold list;
a data frame length filling confusion module, configured to obtain a data field length of a data frame to be processed, and generate filling bit data based on the data field length of the data frame to be processed and the normalized hierarchical threshold list; carrying out null filling and matrix bottom filling on the data frame to be processed based on null filling bits and the filling bit data to obtain a matrix after row filling and mixing; performing hash filling on the matrix after confusion by adopting a hash function to obtain an encrypted data frame and transmitting the encrypted data frame;
and the data frame identification module is used for dividing the encrypted data frame into a bit data part matrix and a hash value part matrix after the receiving end receives the encrypted data frame, carrying out hash value verification based on the hash value part matrix, filtering the bit data part matrix based on a verification mark sequence generated by a verification result, and removing the data frame filled at the bottom of the matrix in the filtered matrix to obtain the original data frame.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110078341.0A CN112398878B (en) | 2021-01-21 | 2021-01-21 | Encoding-based stream data transmission anti-leakage method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112398878A true CN112398878A (en) | 2021-02-23 |
CN112398878B CN112398878B (en) | 2021-04-16 |
Family
ID=74624963
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110078341.0A Active CN112398878B (en) | 2021-01-21 | 2021-01-21 | Encoding-based stream data transmission anti-leakage method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112398878B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113055184A (en) * | 2021-03-22 | 2021-06-29 | 中国工商银行股份有限公司 | Data encryption and decryption method and device |
CN113573308A (en) * | 2021-09-22 | 2021-10-29 | 四川创智联恒科技有限公司 | Method and module for improving air interface security |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104392172A (en) * | 2014-10-30 | 2015-03-04 | 北京科技大学 | Embedded industrial system-based security detection method and embedded industrial system-based security detection system |
WO2017011046A2 (en) * | 2015-04-24 | 2017-01-19 | 7Tunnels, Inc. | Random cipher pad cryptography |
CN109861819A (en) * | 2019-03-19 | 2019-06-07 | 天津中德应用技术大学 | Based on the data ciphering method and decryption method for obscuring encryption block algorithm |
CN110784302A (en) * | 2018-07-31 | 2020-02-11 | 株式会社东芝 | Encrypted data generating device, digital signature generating device, data generating device with digital signature and system |
CN111259416A (en) * | 2020-01-13 | 2020-06-09 | 湖北大学 | Multi-algorithm security encryption authentication system and method based on FPGA |
Also Published As
Publication number | Publication date |
---|---|
CN112398878B (en) | 2021-04-16 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||