| HTTPS通信流截获解析系统的设计与实现 |
| |
| 引用本文: | 徐楠,陈松乔,眭鸿飞.HTTPS通信流截获解析系统的设计与实现[J].中南大学学报(自然科学版),2005,36(4):664-667. |
| |
| 作者姓名: | 徐楠 陈松乔 眭鸿飞 |
| |
| 作者单位: | 中南大学,信息科学与工程学院,湖南,长沙,410083 |
| |
| 摘 要: | 针对安全传输协议中存在的如SSL和TLS虽然可以保障通信内容的机密性,但无法完全隐藏传输数据长度、通信的持续时间以及通信的频度等信息的问题,提出一种新的方法,即利用HTTPS通信流报文的首部信息,解析并重构出与用户浏览序列对应的页面"指纹"序列;在分析SSL和HTTP通信行为的基础上,给出了基于最大包长度以及时间阈值对HTTPS通信流报文进行解析重组获取页面"指纹"序列的"指纹"序列抽取算法.在此基础上,对HTTPS通信流截获解析系统即HTCPS进行总体设计.实验结果表明,该方法不但能够时HTTPS通信流进行解析,并且能重构出页面"指纹"序列.
|
| 关 键 词: | 信息隐藏 通信流分析 匿名通信 |
| 文章编号: | 1672-7207(2005)04-0664-04 |
| 收稿时间: | 2005-02-10 |
| 修稿时间: | 2005年2月10日 |
Design and implementation of HTTPS traffic capturing and parsing system |
| |
| XU Nan,CHEN Song-qiao,SUI Hong-fei.Design and implementation of HTTPS traffic capturing and parsing system[J].Journal of Central South University:Science and Technology,2005,36(4):664-667. |
| |
| Authors: | XU Nan CHEN Song-qiao SUI Hong-fei |
| |
| Abstract: | Although communication security can be guaranteed by the technique of typical security transfer protocols such as SSL and TLS, it is still difficult to hide the data volume, frequency and the duration of communication. A new method was proposed, which can use the information leaked in the header of HTTPS packets and reconstruct the "fingerprint" sequence of Web page corresponding to user's browsing sequence. The communication behavior of SSL and HTTP was analyzed, and a fingerprint extracting algorithm was derived based on the maximum transfer length of HTTPS packet and a timing threshold which can reconstruct the communication flow file, and finally a general scheme for the design of HTTPS traffic capturing and parsing system (HTCPS) was proposed. The results show that this approach can not only capture HTTPS browsing traffic successfully, but also reconstruct the fingerprint sequence for the Web browsing sequence. |
| |
| Keywords: | information hiding traffic analysis anonymous traffic |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
