基于数据报指纹关系的未知协议发现研究

项目名称： 基于数据报指纹关系的未知协议发现研究

项目编号： No.U1230106

项目类型： 联合基金项目

立项/批准年度： 2013

项目学科： 物理学II

项目作者： 郝玉洁

作者单位： 电子科技大学

项目金额： 60万元

中文摘要： 网络的发展日趋复杂，保障信息网络的安全已成为国家信息化战略的核心内容。在特定的网络环境下，通过特殊手段进行窃密的威胁日趋严峻，此类窃密途径通常是通过无线通信的方式发送涉密信息，且这种通信采用的协议均为非常规的专用未知协议，而现有的防范措施基本只针对已知协议，大多采用基于端口映射或静态特征匹配等方法，无法对该类窃密渠道机型监测和检测。为了保证网络的安全运行以及对攻击与危害行为的预警，决策者迫切需要在当前结构复杂网络环境下准确、需要为决策者提供一种能高效地对未知协议进行识别的方法。针对这些问题，本课题将在整合已有网络安全技术和数据挖掘技术的基础上，设计基于数据报指纹关系的未知协议发现的解决方案，满足国家网络安全等多方面的需求，对保障网络的安全运行和宏观预警方面有着重要的现实意义，并且促进和提高我国网络安全等方面各项关键技术的自主创新能力

中文关键词： 协议识别；数据挖掘；频繁串；比特流数据；

英文摘要： Protecting the security of information networks has become a core element of national information strategy with the increasing complexity of network development. In the specific network environment, the threat of theft which usually sends secret information through wireless communications is becoming increasingly grim within special means. As all of the current communication protocols are unconventional dedicated unknown ones while existing of prevention measures mainly aiming at the known protocols and based on port mapping or static features matching, they are useless for the monitoring and detection of the theft channel. To ensure the security of the network as well as the early warning of attacks and harmful behavior, Policy-makers urgently need to provide an efficient way to identify an unknown protocol under the current structure of the complex network environment. To solve these problems, our project will integrate the existing network security and data mining technology to design solutions discovering unknown protocols based on the datagram fingerprint relations, to meet the National Cyber Security and many other needs. In addition to a significant meaning on the protection of network security and macro warning area, it promotes and improves the capability of independent innovation of China''s network se

英文关键词： protocol identification；data mining；Frequent string；bit-stream data；