CN114095242A - Storage type hidden channel scheme based on Tor hidden service domain name state - Google Patents
Storage type hidden channel scheme based on Tor hidden service domain name state Download PDFInfo
- Publication number
- CN114095242A CN114095242A CN202111368354.8A CN202111368354A CN114095242A CN 114095242 A CN114095242 A CN 114095242A CN 202111368354 A CN202111368354 A CN 202111368354A CN 114095242 A CN114095242 A CN 114095242A
- Authority
- CN
- China
- Prior art keywords
- domain name
- hidden
- channel
- sender
- receiver
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000006854 communication Effects 0.000 claims abstract description 34
- 238000004891 communication Methods 0.000 claims abstract description 30
- 238000000034 method Methods 0.000 claims abstract description 17
- 238000010276 construction Methods 0.000 claims abstract description 5
- 230000005540 biological transmission Effects 0.000 claims description 6
- 230000008569 process Effects 0.000 claims description 5
- 230000001360 synchronised effect Effects 0.000 claims description 2
- 238000005206 flow analysis Methods 0.000 abstract description 4
- 238000001514 detection method Methods 0.000 abstract description 3
- 230000007246 mechanism Effects 0.000 abstract description 3
- 241000234282 Allium Species 0.000 description 13
- 235000002732 Allium cepa var. cepa Nutrition 0.000 description 13
- 230000006399 behavior Effects 0.000 description 4
- 238000013461 design Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000010187 selection method Methods 0.000 description 1
- 230000004083 survival effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0421—Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0492—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a storage type hidden channel scheme based on a Tor hidden service domain name state, which firstly carries out hidden channel initialization: the method comprises the steps that a sender and a receiver carry out channel initialization, including out-of-band channel construction and parameter negotiation, domain name list generation and directory server selection; remodulation and demodulation algorithm: the sender modifies the accessible state of the hidden service domain name by uploading the hidden service descriptor, and the receiver traverses the corresponding directory server to determine the domain name state according to the parameters and the initialization configuration; and finally, optimizing the performance of the covert channel by using a coding and decoding algorithm with enhanced robustness. The method utilizes a Tor hidden service protocol mechanism, realizes hidden communication independent of flow characteristics through a data carrier in a domain name state, provides anonymity guarantee, avoids attack of a flow analysis detection method, and improves hidden channel concealment.
Description
Technical Field
The invention relates to a storage type hidden Channel scheme based on a Tor hidden service domain name state, and belongs to the technical field of Network hidden channels (Network covered channels) and anonymous networks (Anonymity networks).
Background
The wide application of the internet makes the network space security become more important, and some special government departments put higher requirements on the data security in network communication. Communication behavior hiding (also called covert communication) is a technical means for hiding the actual communication behavior of a user in other communication processes so as to protect the communication behavior from being discovered. As a typical application of covert communication in the network field, a network covert channel is widely regarded in the network communication field due to the security of data transmission, and a basic model of the network covert channel can be expressed by a prisoner model proposed by Simmons. However, the prisoner model belongs to a single-to-single communication mode, once the concealment of the prisoner model is damaged, an attacker can easily acquire address information of both communication parties of a covert channel through a public channel. Therefore, the traditional network covert channel has the problem of lack of anonymity. Meanwhile, with the research and development of network covert channel technology, an attack means aiming at the network covert channel is continuously emerged, wherein flow detection is a universal and effective mode, and the method detects the existence of covert channel carrier characteristics through means such as flow analysis and the like so as to destroy the covert channel concealment, so that the concealment of the traditional network covert channel is challenged.
Disclosure of Invention
The purpose of the invention is as follows: aiming at the problems of hidden danger of anonymity loss and facing to flow analysis attack of the traditional network covert channel, the invention provides a storage type covert channel scheme based on a Tor hidden service domain name state.
The technical scheme is as follows: the method for solving the technical problems is realized by the following technical scheme:
the invention relates to a storage type hidden channel scheme based on a Tor hidden service domain name state, which comprises the following steps:
(1) hidden channel initialization: the method comprises the steps that a sender and a receiver carry out channel initialization, including out-of-band channel construction and parameter negotiation, domain name list generation and directory server selection;
(2) modulation and demodulation algorithm: the sender modifies the accessible state of the hidden service domain name by uploading the hidden service descriptor, and the receiver traverses the corresponding directory server to determine the state of the domain name according to the parameters and the initialization configuration;
(3) the coding and decoding scheme comprises the following steps: the performance of the covert channel is optimized by a coding and decoding algorithm with enhanced robustness.
Further, the step (1) specifically includes:
(11) building an out-of-band channel and negotiating parameters: the sender and the receiver construct an anonymous link through Tor. Sending the time period T, the number N of directory servers used in the unit period and the number N of ending bits by the linkeInitial transmission time T of the sender0Sending the parameters to a receiver, wherein each parameter is 4 bytes, and the receiver initializes the parameters;
(12) and (3) generating a domain name list: according to the initial transmission time T of the sender0And a cycle number i, generating a domain name list using the following method: first, a seed string list is generated, in which the sender and receiver strings are identical, and both 22-byte random strings and 10-byte time stamps (T)0+ i x T); then, generating a domain name list from the seed character string list by using a Tor domain name generation method;
(13) selecting a directory server: and generating a directory server list for covert communication by utilizing a Tor built-in binary selection algorithm and caching according to the Tor network complete hidden service directory server list in the consensus file and the number N of directory servers used in a unit period in parameters.
Further, the step (2) specifically includes:
(21) the sender is based on the starting time T0And the time period T, uploading the hidden service descriptors according to the sequence order of the directory server, if the data bit is '1', the sender sends the descriptors to the directory server, otherwise, the descriptors are kept staticDefatting;
(22) the receiving party is according to the starting time T0With the time period T, requesting the descriptor of the corresponding domain name according to the descriptor in the sequence order of the directory server;
(23) if the receiver successfully obtains the data, marking the data bit '1', if the receiver fails to obtain the data bit '0', and if the receiver overtime obtains the data bit, marking the data bit as a failure bit 'x';
(24) the process of (21) to (23) is repeated using the time period, the synchronized directory server sequence and the domain name list, and the reception ends when the receiving side continuously receives N '0's or 'x's.
Further, the step (3) specifically includes:
(31) because the modulation and demodulation scheme of the covert channel is carried out on the basis of bit data, normal communication data needs to be converted into the bit data through Unicode coding;
(32) because the error code problem caused by uploading failure of a sender and the receiving failure problem of overtime acquisition of a receiver exist in the concealed communication process, the bit data is subjected to data encoding through a Hamming error correcting code so as to improve the robustness.
Has the advantages that: compared with the prior art, the invention has the following remarkable advantages:
1. with the increasing of network covert channel detection work, the traditional network covert channel single-to-single communication mode has the hidden danger of anonymity defect, and the anonymity of covert communication can be effectively improved by constructing the network covert channel based on the anonymous communication network.
2. The scheme design based on the third-party component, namely the hidden service directory server, provides a brand-new hidden channel design idea which does not depend on flow characteristics, so that the traditional hidden channel attack scheme based on flow analysis is invalid, and the concealment of hidden communication is improved.
3. The anonymous network is combined with covert communication, so that the security level of data communication is further improved. The invention adds an anonymous mechanism on the basis of covert communication, and provides a data communication solution with higher security level for a communication scene with high security requirement.
Drawings
Fig. 1 is a schematic diagram of a storage type hidden channel based on a hidden service domain name state according to the present invention.
Fig. 2 is a diagram illustrating an example of the modem algorithm of the present invention.
Detailed Description
The invention provides a storage type covert channel scheme based on a Tor covert service domain name state, and provides a covert communication scheme with high data security. The technology is divided into three parts, namely covert channel initialization, a modulation-demodulation algorithm and a coding and decoding scheme. The completion process is shown in fig. 1, and specifically includes:
1. covert channel initialization
The hidden channel initialization comprises three steps of out-of-band channel construction and parameter negotiation, domain name list generation and directory server selection.
Constructing an out-of-band channel and negotiating parameters: as shown in fig. 1, the sender and the receiver construct a directly connected out-of-band channel based on an anonymous network. The sender uses the time period T, the number N of directory servers used in the unit period and the ending digit N through an out-of-band channeleInitial transmission time T of the sender0Organizing a data packet with the size of 16 bytes, wherein each parameter occupies 4 bytes; the receiving party receives the data packet and analyzes the protocol parameter to complete protocol parameter negotiation of covert communication.
And (3) generating a domain name list: according to the Tor hidden service mechanism, the hidden service domain name is generated by a public key in a public and private key pair generated by a 32-byte random character string, so that a sender and a receiver can synchronously generate the domain name by generating the same 32-byte character string through a specific rule, the data volume of a public channel is reduced, and the concealment is improved. The design herein is based on the start time T0And a string list seeds (T) of cycle number i0I) construction rules are as follows:
(1) from T0Generated 22-byte random string RNG (T)0) Form seeds (T)0I) the first 22 bytes, the random string is synchronously calculated by the sender and the receiver and keeps the same;
(2) string () is defined as a timestamp to String method. From String(T0+ i T) constitutes seeds (T)0I) last 10 bytes.
According to the above rules, the sender and the receiver construct and hold the same character string list seeds (T) synchronously0I) and then calculate to generate the same hidden service domain name address list onions, onions [ i ]]Indicating the domain name of the ith cycle.
Selecting a directory server: network consensus files exist in the Tor network, and the Tor nodes can periodically acquire the consensus files to synchronize Tor network information such as network bandwidth and directory server lists. The method ensures that the versions of the files commonly identified by the two parties are the same by calibrating the time information of the sender and the receiver. routerstatus _ list is a list of Tor network complete directory server information in the Tor network consensus file. The directory server list dirs for covert communications is generated using a Tor built-in binary selection method based on the number of directory servers N used per unit period in the list and parameters.
3. Modem algorithm
The hidden service descriptor is generated by the hidden service, and includes introduction node information and authentication client information of the hidden service, and the like. The hidden service descriptor is stored in the directory server and has a certain life cycle. Before the client connects the hidden service, the hidden service descriptor is acquired through the domain name, so that the accessible state of the domain name can be determined according to the existence of the descriptor.
The sender server uploads the descriptor on a certain directory server, and the receiver client can acquire corresponding information from the corresponding directory server; if the sender remains silent, the acquisition operation of the receiver at the corresponding directory server will fail. Therefore, different behaviors of the sender can be sensed by the receiver, namely the sender can change the accessible state of the corresponding domain name through the uploading descriptor and use the accessible state as a data carrier of a covert channel to realize the transfer of covert data. According to the characteristics, the invention designs the modulation and demodulation algorithm of the storage type covert channel based on the state of the hidden service domain name as follows:
the initial environment of the covert channel can be obtained by constructing the out-of-band channel and initializing the covert channel: starting time of T0Time is divided into equal time intervals I by periods TiThe directory server list for covert communication is dirs, the length of the list is N, and the hidden service address list is onions. The algorithm comprises two parts of sender data modulation and receiver data demodulation.
And modulation of data of a sending party: when entering the interval IiThen, the sender reads N data bits (N) to be sent1,n2,…,nj,…,nN). When the ith data bit is '1', the transmitting end is at IiMixing the onions [ i ]]Upload the corresponding descriptor to dirs [ j ]](ii) a At '0', the sender remains silent. The specific algorithm flow is as follows:
and (3) receiver data demodulation: the receiving party is at interval I after a certain delayiConcurrent direction to dirs [ j ]]Request onions [ i ]]To read N-bit data bits (N)1,n2,…,nj,…,nN). If the descriptor is successfully acquired, the ith x N + j bit data bit is '1'; if the acquisition fails, the ith x N + j bit data bit is '0'; the timeout within the period is marked as 'x' indicating that the bit failed to be received. The communication ends when N '0's or 'x's are consecutively received. Removing last NeAnd outputting the secret data after the '0' or 'x' bit. The specific algorithm flow is as follows:
for example, at this time, the bit data of "1101011" needs to be transmitted in a hidden manner, T is 1s, N is 3, and N iseFor 2, the sender and the receiver generate descriptor lists [ dir1, dir2, dir 3] with the size of 3 through pre-initialization]The domain name list is onions.
As shown in fig. 2, since N takes a value of 3, the amount of data transmitted by each domain name is 3 bits. Data corresponding to the onions [0] is '110', and a sender uploads descriptors to dir1 and dir2 in 1s concurrently; data corresponding to the onions [1] is '101', and a sender uploads descriptors to dir1 and dir3 in 1s concurrently; the data for the onions [2] is "1", and the sender concurrently uploads the descriptor to dir1 within 1s of time.
After the receiver delays sigma, the domain name state of the onions [0] in the descriptor list is traversed in 1s, dir1 and dir2 can be accessed, and data '110' is recorded; the domain name state of the onions [1] in the descriptor list is traversed in 1s, and dir1 and dir3 can be accessed to record data of '101'; concurrently traverse the domain status of onions [2] in the descriptor list within 1s, dir1 is accessible, recording the data "100"; and concurrently traversing the domain name state of the onions [3] in the descriptor list within 1s, no domain name is accessible, recording data '000', wherein the number of '0' bits at the last bit of the data is more than N, and outputting the covert data '1101011' after removing the last 2 '0' bits in the record, wherein the '0' bits are an end mark and the covert communication is ended. If the time is overtime for 1s in the above query process, the corresponding bit is marked as a failure bit 'x'.
Because the descriptor has a survival period, the sender only needs to upload the descriptor before the receiver inquires the domain name accessible state in the process, and does not need to carry out strict periodic synchronization between the two parties.
4. Coding and decoding scheme
Because the modulation and demodulation scheme of the covert channel is carried out based on bit data, normal communication data needs to be converted into the bit data through Unicode coding; meanwhile, the error code problem caused by uploading failure of the sender and the receiving failure problem caused by overtime acquisition of the receiver exist in the concealed communication process, so that the bit data is subjected to data encoding through a Hamming error correcting code to improve the robustness.
Finally, it should be noted that: the above embodiments are only used for illustrating the technical solutions of the present application and not for limiting the scope of protection thereof, and although the present application is described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that: after reading this application, those skilled in the art will be able to make various changes, modifications and equivalents to the embodiments of the application, which fall within the scope of the claims of the application.
Claims (4)
1. A Tor hidden service domain name state-based storage type hidden channel scheme, comprising the steps of:
(1) hidden channel initialization: the method comprises the steps that a sender and a receiver carry out channel initialization, including out-of-band channel construction and parameter negotiation, domain name list generation and directory server selection;
(2) modulation and demodulation algorithm: the sender modifies the accessible state of the hidden service domain name by uploading the hidden service descriptor, and the receiver traverses the corresponding directory server to determine the state of the domain name according to the parameters and the initialization configuration;
(3) and (3) encoding and decoding scheme: the performance of the covert channel is optimized by a coding and decoding algorithm with enhanced robustness.
2. The Tor hidden service domain name state-based storage type hidden channel scheme of claim 1, wherein the step (1) specifically comprises:
(11) constructing an out-of-band channel and negotiating parameters: the sender and receiver build an anonymous link through Tor. Sending the time period T, the number N of directory servers used in the unit period and the number N of ending bits by the linkeInitial transmission time T of the sender0Sending the parameters to a receiver, wherein each parameter is 4 bytes, and the receiver initializes the parameters;
(12) and (3) generating a domain name list: according to the initial transmission time T of the sender0And a cycle number i, generating a domain name list using the following method: firstly, a seed character string list is generated, wherein the character strings of a sender and a receiver in the seed character string list are identical, and are both 22-byte random character strings and 10-byte time stamps (T)0+ i x T); then, generating a domain name list from the seed character string list by using a Tor domain name generation method;
(13) selecting a directory server: and generating a directory server list for covert communication by using a Tor built-in binary selection algorithm and caching according to a Tor network complete hidden service directory server list in the consensus file and the number N of directory servers used in a unit period in parameters.
3. The Tor hidden service domain name state-based storage type hidden channel scheme of claim 1, wherein the step (2) specifically comprises:
(21) the sender is based on the starting time T0And a time period T, uploading the hidden service descriptors according to the sequence of the directory server, if the data bit is '1', the sender sends the descriptors to the directory server, and if not, the descriptors are kept silent;
(22) the receiving party is according to the starting time T0With the time period T, requesting the descriptor of the corresponding domain name according to the descriptor in the sequence order of the directory server;
(23) if the receiver successfully obtains the data, marking the data bit '1', if the receiver fails to obtain the data bit '0', and if the receiver overtime obtains the data bit, marking the data bit as a failure bit 'x';
(24) the process of (21) to (23) is repeated using the time period, the synchronized directory server sequence and the domain name list, and the reception ends when the receiving side continuously receives N '0's or 'x's.
4. The Tor hidden service domain name state based storage type hidden channel scheme of claim 1, wherein said step (3) comprises:
(31) because the modulation and demodulation scheme of the covert channel is carried out based on bit data, normal communication data needs to be converted into the bit data through Unicode coding;
(32) because the error code problem caused by uploading failure of the sender and the receiving failure problem of overtime acquisition of the receiver exist in the concealed communication process, the bit data is subjected to data encoding through the Hamming error correcting code so as to improve the robustness.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111368354.8A CN114095242B (en) | 2021-11-18 | 2021-11-18 | Storage type hidden channel construction method based on Tor hidden service domain name state |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111368354.8A CN114095242B (en) | 2021-11-18 | 2021-11-18 | Storage type hidden channel construction method based on Tor hidden service domain name state |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114095242A true CN114095242A (en) | 2022-02-25 |
| CN114095242B CN114095242B (en) | 2024-02-06 |
Family
ID=80301573
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111368354.8A Active CN114095242B (en) | 2021-11-18 | 2021-11-18 | Storage type hidden channel construction method based on Tor hidden service domain name state |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114095242B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110392050A (en) * | 2019-07-18 | 2019-10-29 | 北京理工大学 | A kind of construction method of the Use of Covert Storage Channels based on timestamp |
| CN111245570A (en) * | 2020-01-14 | 2020-06-05 | 中国科学院软件研究所 | Block chain network covert communication method based on multi-node timestamp collusion |
| CN111711597A (en) * | 2020-04-16 | 2020-09-25 | 武汉大学 | Tor dark network user tracing method and system based on time slot stream watermark |
| CN112887329A (en) * | 2021-02-24 | 2021-06-01 | 北京邮电大学 | Hidden service tracing method and device and electronic equipment |
| US20210352053A1 (en) * | 2020-05-11 | 2021-11-11 | Northeastern University | Private 5G Cellular Connectivity as a Service Through Full-Stack Wireless Steganography |
-
2021
- 2021-11-18 CN CN202111368354.8A patent/CN114095242B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110392050A (en) * | 2019-07-18 | 2019-10-29 | 北京理工大学 | A kind of construction method of the Use of Covert Storage Channels based on timestamp |
| CN111245570A (en) * | 2020-01-14 | 2020-06-05 | 中国科学院软件研究所 | Block chain network covert communication method based on multi-node timestamp collusion |
| CN111711597A (en) * | 2020-04-16 | 2020-09-25 | 武汉大学 | Tor dark network user tracing method and system based on time slot stream watermark |
| US20210352053A1 (en) * | 2020-05-11 | 2021-11-11 | Northeastern University | Private 5G Cellular Connectivity as a Service Through Full-Stack Wireless Steganography |
| CN112887329A (en) * | 2021-02-24 | 2021-06-01 | 北京邮电大学 | Hidden service tracing method and device and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114095242B (en) | 2024-02-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11146395B2 (en) | Methods for secure authentication | |
| Kim et al. | Measuring ethereum network peers | |
| Snoeren et al. | Hash-based IP traceback | |
| Feamster et al. | Infranet: Circumventing web censorship and surveillance | |
| CN109040115B (en) | Covert communication method under block chain network environment | |
| CN105763317B (en) | Secret information transmission method based on BitTorrent agreement Have message | |
| Luo et al. | Robust network covert communications based on TCP and enumerative combinatorics | |
| WO2003067450A1 (en) | Probabalistic packet marking | |
| Hussain et al. | A high bandwidth covert channel in network protocol | |
| FR2912019A1 (en) | Information or data coding method for e.g. wireless transmission network, involves generating public key using random invertible matrix and matrix obtained by random permutation, and using private and public keys to code and decode data | |
| Cheshire et al. | Consistent overhead byte stuffing | |
| Luo et al. | Cloak: A ten-fold way for reliable covert communications | |
| CN114666073A (en) | Hidden channel transmission method based on SSL protocol complete communication | |
| Yan et al. | Algorithms for low-latency remote file synchronization | |
| CN115276906B (en) | Data frame transmission method, device, chip, storage medium and Bluetooth equipment | |
| Moreira et al. | Capacity and robustness tradeoffs in Bloom filters for distributed applications | |
| CN111245569B (en) | Block chain network covert communication method based on node uniqueness identifier arrangement | |
| Dua et al. | Covert communication using address resolution protocol broadcast request messages | |
| CN114095242B (en) | Storage type hidden channel construction method based on Tor hidden service domain name state | |
| CN104660591B (en) | IP address-based packet length feedback network concealed communication method | |
| CN114070631B (en) | Storage type hidden channel scheme based on Tor hidden service descriptor | |
| Xue et al. | A New Network Steganographic Method Based on the Transverse Multi-Protocol Collaboration. | |
| Harvan et al. | Prefix-and lexicographical-order-preserving ip address anonymization | |
| CN111988288A (en) | Key exchange method, system, equipment and storage medium based on network time delay | |
| CN108551448B (en) | Distributed denial of service attack detection method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |