CN116192480B - Method and system for constructing hidden channel of Internet of things environment - Google Patents


Info

Publication number
CN116192480B
Authority
CN
China
Prior art keywords
group
data packet
type
mqtt protocol
hidden information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310079889.6A
Other languages
Chinese (zh)
Other versions
CN116192480A (en)
Inventor
郭琳虹
张小松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tangshan University
Original Assignee
Tangshan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tangshan University
Priority to CN202310079889.6A
Publication of CN116192480A
Application granted
Publication of CN116192480B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/26 Special purpose or proprietary protocols or architectures
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a method and a system for constructing an environment hidden channel of the Internet of things, wherein the method comprises the steps of sending a data packet with hidden information embedded with a start mark to a receiver; grouping the third type MQTT protocol data packet according to the first field in the third type MQTT protocol data packet; for the current group data packet, partitioning the range of the second field representation value in the group according to the embedded bit number of the hidden information in the group to obtain the number of value areas in the group, and calculating the interval of each value area in the group according to the bit number of the second field in the group; and determining each data packet to be transmitted in the current data packet according to the hidden information in the group and the interval of each value zone in the group, transmitting each data packet to be transmitted to a receiver, then embedding the hidden information of the next data packet until all the hidden information is embedded, and transmitting a hidden information embedding end mark to the receiver. The invention can ensure the detection resistance of the hidden channel, thereby improving the reliability of hidden information transmission.

Description

Method and system for constructing hidden channel of Internet of things environment
Technical Field
The invention relates to the field of information transmission, in particular to a method and a system for constructing an environment hidden channel of an Internet of things.
Background
With the increasing popularization and application of the internet of things technology, the data transmission security of the internet of things is also receiving more and more attention. Constructing hidden channels in the environment of the Internet of things to transmit hidden information is an important means for ensuring the safety of data transmission.
The hidden channel technology refers to that a sender transmits secret information to a receiver through a public channel, and the secret information is invisible to a third party, so that a hidden channel needs to be constructed under the public channel. The sender typically uses a network protocol as a carrier for the hidden channel, then embeds the secret information into the network data packet according to a hidden algorithm, and the receiver extracts the secret information from the data packet.
Because security research on the Internet of things is currently at an early stage, methods for constructing hidden channels in the environment of the Internet of things are few. Meanwhile, the hidden channels constructed by existing methods are not strongly resistant to detection, and an attacker can easily detect the existence of the hidden channel, so that the security of the hidden communication is threatened. Therefore, a method for constructing a hidden channel in the environment of the Internet of things that is highly resistant to detection is necessary, so that the reliability of hidden information transmission is ensured.
Disclosure of Invention
The invention aims to provide a method and a system for constructing an environment hidden channel of the Internet of things, which can ensure the resistance of the hidden channel to detection, thereby ensuring the reliability of hidden information transmission.
In order to achieve the above object, the present invention provides the following solutions:
a construction method of an environment hidden channel of an Internet of things comprises the following steps:
transmitting a data packet with a hidden information embedded start mark to a receiver; the data packet with the hidden information embedded with the start mark is a first packet sequence combination agreed in advance by a sender and a receiver, and the first packet sequence combination consists of a first type MQTT protocol data packet and a second type MQTT protocol data packet;
grouping the third type MQTT protocol data packets according to a first field in the third type MQTT protocol data packets to obtain a plurality of groups of third type MQTT protocol data packets; the third type MQTT protocol data packets are the carrier data packets into which the hidden information is embedded;
selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as a current group of third type MQTT protocol data packets;
aiming at the current group of the third type MQTT protocol data packet, partitioning the range of the second field representation value in the group according to the embedded bit number of the hidden information in the group to obtain the number of value regions in the group; the embedded bit number of the hidden information in the group is represented by a second packet sequence combination consisting of a fourth type MQTT protocol data packet and a fifth type MQTT protocol data packet; the range of the second field representing values in the group is determined according to the number of bits of the second field in the group;
calculating the interval of each value area in the group according to the number of the value areas in the group and the number of bits of the second field in the group aiming at the current group third type MQTT protocol data packet;
determining each data packet to be transmitted in the current group third type MQTT protocol data packet according to the hidden information in the group and the interval of each value area in the group, and transmitting each data packet to be transmitted to a receiver; the data packet to be sent is a data packet containing a target field value, wherein the target field value is a field value in a value area corresponding to the hidden information in the group;
judging whether all the hidden information is embedded to obtain a first judging result;
if the first judgment result is negative, returning to the step of selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as the current group of third type MQTT protocol data packets;
if the first judgment result is yes, sending a data packet of a hidden information embedding ending mark to the receiver; the data packet with the hidden information embedded end mark is a third packet sequence combination agreed in advance by a sender and a receiver, and the third packet sequence combination consists of the first type MQTT protocol data packet and the second type MQTT protocol data packet.
Optionally, the calculation formula of the number of the value areas includes:
N_vz = 2^l
where N_vz is the number of value areas and l is the number of embedded bits of hidden information in the group.
Optionally, for each group of the third type MQTT protocol data packets, calculating an interval of each value zone in the group according to the number of value zones in the group and the number of bits of the second field in the group, and specifically includes:
calculating the length of the value area according to the number of the value areas in the group and the number of bits of the second field in the group;
and calculating the interval of each value area in the group according to the length of the value area.
Optionally, the calculation formula of the value area length includes:
where L is the length of the value region, k is the number of bits of the second field in the group, and N_vz is the number of value areas.
Optionally, after selecting a group of unselected third type MQTT protocol data packets from the plurality of groups of third type MQTT protocol data packets as the current group of third type MQTT protocol data packets, and before partitioning the range of values represented by the second field in the group according to the embedded bit number of the hidden information in the group for the current group of third type MQTT protocol data packets to obtain the number of value regions in the group, the method further includes:
and transmitting the embedded bit number of the hidden information in the group to the receiver.
Optionally, the method further comprises:
judging whether the remaining traffic data packets in the transmission process contain a data packet sequence identical to the data packet of the hidden information embedding start mark or the data packet of the hidden information embedding end mark, to obtain a second judgment result; the remaining traffic data packets are the data packets other than the data packet of the hidden information embedding start mark and the data packet of the hidden information embedding end mark;
if the second judgment result is yes, inserting an escape mark data packet before the remaining traffic data packets; the escape mark data packet is a data packet represented by a third packet sequence combination consisting of the first type MQTT protocol data packet and the second type MQTT protocol data packet;
and if the second judgment result is negative, not processing the remaining traffic data packets.
Optionally, the escape tag packet is agreed upon in advance by the sender and the receiver.
Optionally, the data packet of the hidden information embedded end mark is the inverse code of the data packet of the hidden information embedded start mark.
The invention also provides a system for constructing the hidden channel of the environment of the Internet of things, which comprises:
the data packet sending module is used for sending the data packet with the hidden information embedded start mark to the receiver; the data packet with the hidden information embedded with the start mark is a first packet sequence combination agreed in advance by a sender and a receiver, and the first packet sequence combination consists of a first type MQTT protocol data packet and a second type MQTT protocol data packet;
the grouping module is used for grouping the third type MQTT protocol data packets according to the first field in the third type MQTT protocol data packets to obtain a plurality of groups of third type MQTT protocol data packets; the third type MQTT protocol data packets are the carrier data packets into which the hidden information is embedded;
the selecting module is used for selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as a current group of third type MQTT protocol data packets;
the partitioning module is used for partitioning the range of the second field representation value in the group according to the embedded bit number of the hidden information in the group aiming at the current group third type MQTT protocol data packet to obtain the number of value regions in the group; the embedded bit number of the hidden information in the group is represented by a second packet sequence combination consisting of a fourth type MQTT protocol data packet and a fifth type MQTT protocol data packet; the range of the second field representing values in the group is determined according to the number of bits of the second field in the group;
the value zone interval calculation module is used for calculating the interval of each value zone in the group according to the number of the value zones in the group and the number of bits of the second field in the group aiming at the current group third type MQTT protocol data packet;
the data packet to be transmitted determining module is used for determining each data packet to be transmitted in the current group of third type MQTT protocol data packets according to the hidden information in the group and the interval of each value area in the group, and transmitting each data packet to be transmitted to a receiver; the data packet to be sent is a data packet containing a target field value, wherein the target field value is a field value in a value area corresponding to the hidden information in the group;
the judging module is used for judging whether the hidden information is completely embedded or not to obtain a first judging result;
if the first judgment result is negative, returning to the step of selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as the current group of third type MQTT protocol data packets;
if the first judgment result is yes, sending a data packet of a hidden information embedding ending mark to the receiver; the data packet with the hidden information embedded end mark is a third packet sequence combination agreed in advance by a sender and a receiver, and the third packet sequence combination consists of the first type MQTT protocol data packet and the second type MQTT protocol data packet.
Optionally, the system further comprises:
the second judging module is used for judging whether the remaining traffic data packets in the transmission process contain a data packet sequence identical to the data packet of the hidden information embedding start mark or the data packet of the hidden information embedding end mark, so as to obtain a second judgment result; the remaining traffic data packets are the data packets other than the data packet of the hidden information embedding start mark and the data packet of the hidden information embedding end mark;
if the second judgment result is yes, inserting an escape mark data packet before the remaining traffic data packets; the escape mark data packet is a data packet represented by a third packet sequence combination consisting of the first type MQTT protocol data packet and the second type MQTT protocol data packet;
and if the second judgment result is negative, not processing the remaining traffic data packets.
According to the specific embodiment provided by the invention, the invention discloses the following technical effects:
the invention provides a construction method of an environment hidden channel of the Internet of things. First, a first packet sequence combination consisting of a first type MQTT protocol data packet and a second type MQTT protocol data packet is selected as the data packet with the hidden information embedding start mark, and this data packet is sent to the receiver. Then the third type MQTT protocol data packets are grouped according to a first field in the third type MQTT protocol data packets. For each group of third type MQTT protocol data packets, the range of values represented by the second field in the group is partitioned according to the embedded bit number of the hidden information in the group to obtain the number of value areas in the group, the interval of each value area in the group is calculated according to the number of value areas in the group and the bit number of the second field in the group, each data packet to be transmitted in the current group of third type MQTT protocol data packets is determined according to the hidden information in the group and the interval of each value area in the group, and the data packets to be transmitted are transmitted to the receiver; the hidden information of the next group is then embedded in the same way. This continues until all the hidden information is embedded, after which the data packet with the hidden information embedding end mark is transmitted to the receiver.
The invention adjusts the hidden digit through grouping change and determines the way of embedding the hidden information according to the value region of the embedded field value, thereby ensuring the characteristic fitting of the hidden flow and the public flow, further ensuring the detection resistance of the hidden channel and improving the reliability of the transmission of the hidden information.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions of the prior art, the drawings that are needed in the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flow chart of a method for constructing an environment hidden channel of the internet of things.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The MQTT (Message Queuing Telemetry Transport) protocol is a lightweight message transport protocol based on the publish/subscribe model. The MQTT protocol has been widely used in the application layer of the Internet of things. The MQTT protocol can transmit a large amount of information over the public channel of the Internet of things, which provides an effective carrier for the transmission of secret information, and its wide application provides better cover for the existence of hidden channels. The MQTT protocol runs over the TCP protocol, so its reliability is high, which further improves the reliability of hidden information transmission. Furthermore, the MQTT protocol defines 14 types of data packets, which makes sequence modulation of different packet types possible. Meanwhile, MQTT data packets carry reserved fields that can be reused, which provides space for storing hidden information.
The invention aims to provide a method and a system for constructing an environment hidden channel of the Internet of things, which provide space for storing hidden information by utilizing reserved fields in an MQTT data packet. And the hidden information is embedded into the corresponding reserved or redundant field of the data packet, so that the hidden channel is ensured to be hidden. The hidden digit is regulated through grouping change, and the mode of embedding hidden information is determined according to the value region of the embedded field value, so that characteristic fitting of hidden flow and public flow can be ensured, and the detection resistance of a hidden channel is ensured.
In order that the above-recited objects, features and advantages of the present invention will become more readily apparent, a more particular description of the invention will be rendered by reference to the appended drawings and appended detailed description.
As shown in fig. 1, the invention provides a method for constructing an environment hidden channel of an internet of things, which comprises the following steps:
s1, sending a data packet with a hidden information embedded start mark to a receiver; the data packet with the hidden information embedded with the start mark is a first packet sequence combination agreed in advance by a sender and a receiver, and the first packet sequence combination consists of a first type MQTT protocol data packet and a second type MQTT protocol data packet.
A packet sequence combination of two types of MQTT protocol data packets, P_a (first type MQTT protocol data packet) and P_b (second type MQTT protocol data packet), is selected to serve as the flag for the beginning of the hidden information embedding. For example: let the number of data packets in the packet sequence combination representing the embedding start flag be N_s = 4, let a P_a data packet represent "1" and a P_b data packet represent "0"; when the embedding start flag is "1001", the corresponding data packet sequence sent is "P_a1 P_b1 P_b2 P_a2".
S2, grouping the third type MQTT protocol data packets according to a first field in the third type MQTT protocol data packets to obtain a plurality of groups of third type MQTT protocol data packets; the three types of MQTT protocol data packets are carrier data packets embedded by the hidden information.
The P_c (third type) MQTT protocol data packet is selected as the main carrier data packet for embedding the hidden information, and the packets are grouped according to field F_1 (i.e. the first field) of the P_c type MQTT protocol data packet.
The P_c type MQTT protocol data packet has several subtypes, and the value of F_1 indicates which subtype a packet belongs to, so packets of the same subtype are grouped into one group.
S3, selecting a group of unselected third-type MQTT protocol data packets from a plurality of groups of third-type MQTT protocol data packets as a current group of third-type MQTT protocol data packets.
As an alternative embodiment, after S3, before S4, the method further includes: and transmitting the embedded bit number of the hidden information in the group to the receiver.
The hidden information is embedded and sent group by group according to the grouping of step S2. The hidden information in the group refers to the hidden information carried by the third type MQTT protocol data packets of the current group; that is, "the group" refers to the current group, and the number of value areas in the group, the second field in the group and the similar terms mentioned later all refer to those of the current group.
Before the data packets of a group are transmitted, the packet sequence combination representing the embedded bit number is transmitted. The embedded bit number is likewise represented by a packet sequence combination of two types of MQTT protocol data packets, P_d (fourth type MQTT protocol data packet) and P_e (fifth type MQTT protocol data packet). The embedded bit number represented by this sequence is the same as the number of embedded bits of the intra-group hidden information mentioned in S4. For example: let the number of data packets in the packet sequence combination representing the embedded bit number be N_b = 4, let a P_d data packet represent "1" and a P_e data packet represent "0"; when the embedded bit number is 4, i.e. "0100", the corresponding data packet sequence sent is "P_e1 P_d1 P_e2 P_e3".
S4, aiming at the current group third type MQTT protocol data packet, partitioning the range of the second field representation value in the group according to the embedded bit number of the hidden information in the group to obtain the number of value regions in the group; the embedded bit number of the hidden information in the group is represented by a second packet sequence combination consisting of a fourth type MQTT protocol data packet and a fifth type MQTT protocol data packet; the range of second field representation values within the set is determined based on the number of bits of the second field within the set.
Specifically, the second field in the group represents values ranging from 0 to the maximum value of the second field, i.e. 0 to 2^k - 1, where k is the number of bits of the second field in the group. For example, when the number of bits k of the second field in the group is 8, the range of values represented by the second field in the group is 0 to 2^8 - 1, i.e. 0 to 127.
When the hidden information is embedded, the range of values represented by field F_2 (the second field) of each P_c data packet in the group is partitioned according to the number of bits l of the hidden information to be embedded.
As an optional implementation manner, the calculation formula of the number of the value areas includes:
N_vz = 2^l
where N_vz is the number of value areas and l is the number of embedded bits of hidden information in the group.
Specifically, the range of field F_2 of the intra-group packets, with Max as its upper boundary, is divided equally into N_vz = 2^l value regions.
S5, calculating the interval of each value area in the group according to the number of the value areas in the group and the number of bits of the second field in the group aiming at the current group third type MQTT protocol data packet.
As an optional embodiment, the step S5 specifically includes:
s51, calculating the length of the value area according to the number of the value areas in the group and the number of bits of the second field in the group;
s52, calculating the interval of each value area in the group according to the length of the value area.
The value area length calculation formula is as follows:
where L is the length of the value region, k is the number of bits of the second field in the group, and N_vz is the number of value areas.
When the length of the value area is calculated, the maximum value of the second field in the group is first calculated from the number of bits of the second field in the group, namely Max = 2^k - 1. Then the length of the value zone is calculated from the maximum value and the number of value zones in the group. The field value of each value area represents l bits of hidden information, and the embedded hidden information is the l-bit word obtained by Gray-code encoding the l-bit original secret information.
For example: if Max = 127 is the maximum value of field F_2 and l = 4, the range is divided into N_vz = 2^l = 16 value regions, namely [0,7], [8,15], [16,23], [24,31], ..., [120,127], and the 4-bit hidden information represented by these value regions is "0000", "0001", "0010", "0011", ..., "1111" respectively. According to the hidden information, a data packet whose field value falls into the corresponding value area is selected for transmission.
S6, determining each data packet to be transmitted in the current group third type MQTT protocol data packet according to the hidden information in the group and the interval of each value area in the group, and transmitting each data packet to be transmitted to a receiver; the data packet to be sent is a data packet containing a target field value, and the target field value is a field value in a value area corresponding to the hidden information in the group.
Each group of P_c data packets comprises a plurality of P_c data packets, and the data packets to be transmitted within each group are the data packets that carry the hidden information of the group. For example, suppose the current group of P_c data packets contains 3 P_c data packets and each data packet carries l = 4 bits of hidden information; then the 3 data packets can carry 12 bits of hidden information. The data packets to be transmitted among the 3 P_c data packets of the current group must be determined from the intra-group hidden information. For example, if the intra-group hidden information is (0000, 0011, 0010), the decimal numbers corresponding to the binary hidden information are (0, 3, 2). According to the correspondence between value regions and hidden information in the example in S5, 0 corresponds to the first value region [0,7], 3 to the fourth value region [24,31] and 2 to the third value region [16,23]. To deliver the hidden information, a data packet whose field value falls into the value region [0,7] (any of the values 0 to 7) is selected as the first P_c data packet to be transmitted in the current group, a data packet whose field value falls into [24,31] as the second, and a data packet whose field value falls into [16,23] as the third. The three determined data packets are transmitted to the receiver, so that the hidden information of the current group is transmitted.
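The value-zone arithmetic of S4 to S6, worked through as an added example (this is not the patent's or the applicant's code). It computes the N_vz = 2^l zones of field F_2, the Gray-code relation between the original secret word and the hidden word a zone carries, and the receiver-side extraction that maps observed F_2 values back to bits; that extraction is also what an analyst needs in order to verify, from a capture, whether a suspected channel of this kind is present. Two assumptions are not taken from the page: the zone length is computed as (Max + 1) / N_vz, which is the division that reproduces the intervals [0,7], [8,15], ..., [120,127] of the page's example, and zone i carries the Gray-coded value i, so the original secret word is recovered by Gray decoding. The three F_2 values in the usage section are constructed sample input.

```python
# Added example, not the patent's code. Value-zone partitioning of field F_2
# (S4/S5) and the mapping between zones and l-bit hidden words (S6).
# Assumptions (not from the page): zone length = (Max + 1) / N_vz, and zone i
# carries the Gray-coded word i, so the original secret word is Gray-decoded.


def value_zones(max_value, l):
    """Split 0..max_value into N_vz = 2**l equal zones; returns [(lo, hi), ...]."""
    n_zones = 2 ** l
    zone_len = (max_value + 1) // n_zones
    if zone_len == 0 or zone_len * n_zones != max_value + 1:
        raise ValueError("2**l must divide the field range 0..Max evenly")
    return [(i * zone_len, (i + 1) * zone_len - 1) for i in range(n_zones)]


def gray_encode(word):
    """Binary-reflected Gray code of an integer word."""
    return word ^ (word >> 1)


def gray_decode(gray):
    """Inverse of gray_encode: recover the original word."""
    word = 0
    while gray:
        word ^= gray
        gray >>= 1
    return word


def zone_for_secret(secret_word, max_value, l):
    """Interval of F_2 values that carries this original l-bit secret word."""
    return value_zones(max_value, l)[gray_encode(secret_word)]


def zone_index(field_value, max_value, l):
    """Receiver side: index of the zone an observed F_2 value falls into."""
    if not 0 <= field_value <= max_value:
        raise ValueError("field value outside 0..Max")
    zone_len = (max_value + 1) // (2 ** l)
    return field_value // zone_len


def extract_group(field_values, max_value, l):
    """Recover (hidden Gray words, original secret words) from one group's F_2 values."""
    hidden = [zone_index(v, max_value, l) for v in field_values]
    return hidden, [gray_decode(h) for h in hidden]


def as_bits(words, l):
    """Render integer words as fixed-width bit strings for display."""
    return [format(w, f"0{l}b") for w in words]


if __name__ == "__main__":
    MAX_F2, L_BITS = 127, 4  # the page's example: Max = 127, l = 4 -> 16 zones
    zones = value_zones(MAX_F2, L_BITS)
    print(zones[:4], "...", zones[-1])
    # Constructed capture: three F_2 values observed in one P_c group
    hidden, secret = extract_group([5, 30, 20], MAX_F2, L_BITS)
    print("hidden words:", as_bits(hidden, L_BITS))
    print("secret words:", as_bits(secret, L_BITS))
```

With the page's parameters the sample values 5, 30 and 20 land in zones 0, 3 and 2, i.e. the hidden words 0000, 0011 and 0010 of the example in S6; Gray decoding turns them into the original secret words 0000, 0010 and 0011. The `value_zones` check rejects a field range that 2^l does not divide evenly, which is the edge case the equal-division step in S4 silently assumes away.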
S7, judging whether all the hidden information is embedded to obtain a first judgment result; if the first judgment result is negative, returning to the step of selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as the current group of third type MQTT protocol data packets; if the first judgment result is yes, sending a data packet of a hidden information embedding ending mark to the receiver; the data packet with the hidden information embedded end mark is a third packet sequence combination agreed in advance by a sender and a receiver, and the third packet sequence combination consists of the first type MQTT protocol data packet and the second type MQTT protocol data packet.
That is, after the data packets of the current group have been transmitted, the next group is processed and the process is repeated until all hidden information has been embedded. The corresponding packet combination is then transmitted as the embedding end mark, which is likewise a packet sequence combination of the two types of data packets P_a and P_b.
As an alternative embodiment, the packet of the hidden information embedding end flag is the inverse code of the packet of the hidden information embedding start flag.
The inverse code of the embedding start flag is used as the end flag. For example, if the embedding start flag is "1001", the embedding end flag is "0110", i.e. the corresponding packet sequence to be transmitted is "P_b1 P_a1 P_a2 P_b2".
As an alternative embodiment, the method further comprises:
judging whether the rest flow data packets in the transmission process contain the data packets which are the same as the data packets of the hidden information embedding start mark or the data packets of the hidden information embedding end mark, and obtaining a second judgment result; the rest flow data packets are data packets except the data packet of the hidden information embedding start mark and the data packet of the hidden information embedding end mark;
if the second judgment result is yes, inserting an escape mark data packet before the rest flow data packets; the escape mark data packet is a data packet represented by a third packet sequence combination consisting of the first type MQTT protocol data packet and the second type MQTT protocol data packet;
and if the second judging result is negative, not processing the rest flow data packets.
When, during transmission, the sequence of traffic data packets happens to be identical to the packet combination of the embedding start flag or the embedding end flag, an escape flag is inserted before the original packet combination. The escape flag is also represented by a packet sequence combination of the two types of data packets P_a and P_b. For example, with the number of data packets in the packet sequence combination representing the escape flag Ne=4, the packet sequence "P_a1 P_a2 P_b1 P_b2" is selected as the escape flag, i.e. the escape flag is "1100". If the sequence of traffic packets happens to be identical to the sequence of the escape flag during transmission, the escape flag is likewise inserted before the original packet combination.
The advantages of the method are mainly two aspects:
(1) The concealment is strong. The MQTT data packet is provided with a reserved field which can be reused, so that space is provided for storing hidden information. The hidden information is embedded into the corresponding reserved or redundant field of the data packet, so that the hidden channel can be ensured to be hidden.
(2) The detection resistance is strong. The hidden digits are adjusted through grouping change, and the mode of embedding hidden information is determined according to the value region of the embedded field value, so that characteristic fitting of hidden flow and public flow can be ensured, and the detection resistance of a hidden channel is further improved.
The invention also provides a system for constructing the hidden channel of the environment of the Internet of things, which comprises:
the data packet sending module M1 is used for sending the data packet with the hidden information embedded start mark to the receiver; the data packet with the hidden information embedded with the start mark is a first packet sequence combination agreed in advance by a sender and a receiver, and the first packet sequence combination consists of a first type MQTT protocol data packet and a second type MQTT protocol data packet;
the grouping module M2 is used for grouping the third type MQTT protocol data packets according to the first field in the third type MQTT protocol data packets to obtain a plurality of groups of third type MQTT protocol data packets; the third type MQTT protocol data packets are the carrier data packets in which the hidden information is embedded;
the selecting module M3 is used for selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as a current group of third type MQTT protocol data packets;
the partitioning module M4 is used for partitioning the range of the representation value of the second field in the group according to the embedded bit number of the hidden information in the group aiming at the current group third type MQTT protocol data packet to obtain the number of value regions in the group; the embedded bit number of the hidden information in the group is represented by a second packet sequence combination consisting of a fourth type MQTT protocol data packet and a fifth type MQTT protocol data packet; the range of the second field representing values in the group is determined according to the number of bits of the second field in the group;
the value area interval calculating module M5 is used for calculating the interval of each value area in the group according to the number of the value areas in the group and the number of bits of the second field in the group aiming at the current group third type MQTT protocol data packet;
the to-be-transmitted data packet determining module M6 is configured to determine each to-be-transmitted data packet in the current group of third type MQTT protocol data packets according to the intra-group hidden information and the interval of each value region in the group, and transmit each to-be-transmitted data packet to a receiver; the data packet to be sent is a data packet containing a target field value, wherein the target field value is a field value in a value area corresponding to the hidden information in the group;
the judging module M7 is used for judging whether all the hidden information is embedded to obtain a first judging result;
if the first judgment result is negative, returning to the step of selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as the current group of third type MQTT protocol data packets;
if the first judgment result is yes, sending a data packet of a hidden information embedding ending mark to the receiver; the data packet with the hidden information embedded end mark is a third packet sequence combination agreed in advance by a sender and a receiver, and the third packet sequence combination consists of the first type MQTT protocol data packet and the second type MQTT protocol data packet.
Optionally, the system further comprises:
the second judging module is used for judging whether the rest flow data packets in the transmission process contain the data packets which are the same as the data packets of the hidden information embedding start mark or the data packets of the hidden information embedding end mark or not, so as to obtain a second judging result; the rest flow data packets are data packets except the data packet of the hidden information embedding start mark and the data packet of the hidden information embedding end mark;
if the second judgment result is yes, inserting an escape mark data packet before the rest flow data packets; the escape mark data packet is a data packet represented by a third packet sequence combination consisting of the first type MQTT protocol data packet and the second type MQTT protocol data packet;
and if the second judging result is negative, not processing the rest flow data packets.
In the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other. For the system disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
The principles and embodiments of the present invention have been described herein with reference to specific examples, the description of which is intended only to assist in understanding the methods of the present invention and the core ideas thereof; also, it is within the scope of the present invention to be modified by those of ordinary skill in the art in light of the present teachings. In view of the foregoing, this description should not be construed as limiting the invention.

Claims (10)

1. The method for constructing the hidden channel of the environment of the Internet of things is characterized by comprising the following steps:
transmitting a data packet with a hidden information embedded start mark to a receiver; the data packet with the hidden information embedded with the start mark is a first packet sequence combination agreed in advance by a sender and a receiver, and the first packet sequence combination consists of a first type MQTT protocol data packet and a second type MQTT protocol data packet;
grouping the third type MQTT protocol data packets according to a first field in the third type MQTT protocol data packets to obtain a plurality of groups of third type MQTT protocol data packets; the third type MQTT protocol data packet is a carrier data packet embedded by the hidden information;
selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as a current group of third type MQTT protocol data packets;
aiming at the current group of the third type MQTT protocol data packet, partitioning the range of the second field representation value in the group according to the embedded bit number of the hidden information in the group to obtain the number of value regions in the group; the embedded bit number of the hidden information in the group is represented by a second packet sequence combination consisting of a fourth type MQTT protocol data packet and a fifth type MQTT protocol data packet; the range of the second field representing values in the group is determined according to the number of bits of the second field in the group;
calculating the interval of each value area in the group according to the number of the value areas in the group and the number of bits of the second field in the group aiming at the current group third type MQTT protocol data packet;
determining each data packet to be transmitted in the current group third type MQTT protocol data packet according to the hidden information in the group and the interval of each value area in the group, and transmitting each data packet to be transmitted to a receiver; the data packet to be sent is a data packet containing a target field value, wherein the target field value is a field value in a value area corresponding to the hidden information in the group;
judging whether all the hidden information is embedded to obtain a first judging result;
if the first judgment result is negative, returning to the step of selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as the current group of third type MQTT protocol data packets;
if the first judgment result is yes, sending a data packet of a hidden information embedding ending mark to the receiver; the data packet with the hidden information embedded end mark is a third packet sequence combination agreed in advance by a sender and a receiver, and the third packet sequence combination consists of the first type MQTT protocol data packet and the second type MQTT protocol data packet.
2. The method of claim 1, wherein the calculation formula for the number of value regions comprises:
N_vz = 2^l
wherein N_vz is the number of value regions and l is the number of embedded bits of hidden information in the group.
3. The method according to claim 2, wherein said calculating, for said current group of MQTT protocol packets, the interval of each of said value regions in the group based on the number of value regions in the group and the number of bits of said second field in the group, comprises:
calculating the length of the value area according to the number of the value areas in the group and the number of bits of the second field in the group;
and calculating the interval of each value area in the group according to the length of the value area.
4. A method according to claim 3, wherein the calculation formula for the value zone length comprises:
wherein L is the length of the value region, k is the number of bits of the second field in the group, and N_vz is the number of value regions.
5. The method of claim 1, wherein after selecting a group of unselected MQTT protocol data packets from the plurality of groups of MQTT protocol data packets of the third type as a current group of MQTT protocol data packets of the third type, partitioning a range of values represented by the second field in the group according to an embedded bit of intra-group concealment information for the current group of MQTT protocol data packets of the third type to obtain a number of intra-group value regions, the method further comprises:
and transmitting the embedded bit number of the hidden information in the group to the receiver.
6. The method according to claim 1, wherein the method further comprises:
judging whether the rest flow data packets in the transmission process contain the data packets which are the same as the data packets of the hidden information embedding start mark or the data packets of the hidden information embedding end mark, and obtaining a second judgment result; the rest flow data packets are data packets except the data packet of the hidden information embedding start mark and the data packet of the hidden information embedding end mark;
if the second judgment result is yes, inserting an escape mark data packet before the rest flow data packets; the escape mark data packet is a data packet represented by a third packet sequence combination consisting of the first type MQTT protocol data packet and the second type MQTT protocol data packet;
and if the second judging result is negative, not processing the rest flow data packets.
7. The method of claim 6, wherein the escape tag packet is agreed upon in advance by the sender and the receiver.
8. The method of claim 7, wherein the packet of the hidden information embedding end flag is an inverse of the packet of the hidden information embedding start flag.
9. The system for constructing the hidden channel of the environment of the Internet of things is characterized by comprising the following components:
the data packet sending module is used for sending the data packet with the hidden information embedded start mark to the receiver; the data packet with the hidden information embedded with the start mark is a first packet sequence combination agreed in advance by a sender and a receiver, and the first packet sequence combination consists of a first type MQTT protocol data packet and a second type MQTT protocol data packet;
the grouping module is used for grouping the third type MQTT protocol data packets according to the first field in the third type MQTT protocol data packets to obtain a plurality of groups of third type MQTT protocol data packets; the third type MQTT protocol data packet is a carrier data packet embedded by the hidden information;
the selecting module is used for selecting a group of unselected third type MQTT protocol data packets from a plurality of groups of third type MQTT protocol data packets as a current group of third type MQTT protocol data packets;
the partitioning module is used for partitioning the range of the second field representation value in the group according to the embedded bit number of the hidden information in the group aiming at the current group third type MQTT protocol data packet to obtain the number of value regions in the group; the embedded bit number of the hidden information in the group is represented by a second packet sequence combination consisting of a fourth type MQTT protocol data packet and a fifth type MQTT protocol data packet; the range of the second field representing values in the group is determined according to the number of bits of the second field in the group;
the value zone interval calculation module is used for calculating the interval of each value zone in the group according to the number of the value zones in the group and the number of bits of the second field in the group aiming at the current group third type MQTT protocol data packet;
the data packet to be transmitted determining module is used for determining each data packet to be transmitted in the current group of third type MQTT protocol data packets according to the hidden information in the group and the interval of each value area in the group, and transmitting each data packet to be transmitted to a receiver; the data packet to be sent is a data packet containing a target field value, wherein the target field value is a field value in a value area corresponding to the hidden information in the group;
the first judging module is used for judging whether all the hidden information is embedded or not to obtain a first judging result;
if the first judgment result is negative, returning to the selection module;
if the first judgment result is yes, sending a data packet of a hidden information embedding ending mark to the receiver; the data packet with the hidden information embedded end mark is a third packet sequence combination agreed in advance by a sender and a receiver, and the third packet sequence combination consists of the first type MQTT protocol data packet and the second type MQTT protocol data packet.
10. The system of claim 9, wherein the system further comprises:
the second judging module is used for judging whether the rest flow data packets in the transmission process contain the data packets which are the same as the data packets of the hidden information embedding start mark or the data packets of the hidden information embedding end mark or not, so as to obtain a second judging result; the rest flow data packets are data packets except the data packet of the hidden information embedding start mark and the data packet of the hidden information embedding end mark;
if the second judgment result is yes, inserting an escape mark data packet before the rest flow data packets; the escape mark data packet is a data packet represented by a third packet sequence combination consisting of the first type MQTT protocol data packet and the second type MQTT protocol data packet;
and if the second judging result is negative, not processing the rest flow data packets.
CN202310079889.6A 2023-02-06 2023-02-06 Method and system for constructing hidden channel of Internet of things environment Active CN116192480B (en)

Publications (2)

Publication Number Publication Date
CN116192480A CN116192480A (en) 2023-05-30
CN116192480B true CN116192480B (en) 2023-10-10

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant