摘要从商业机构到政府部门再到个人家庭,越来越多的用户使用网络来处理事务、交流信息和进行交易活动。这些都是不可避免地涉及到网络安全问题,尤其是认证和加密问题。目前看来,提高站点信息的安全性最简单的解决方案就是利用SSL技术来实现WEB的安全访问。但不法分子的违规操作、经融活动中的重要线索等我们需要迫切追踪的内容也被安全保护起来,显然是我们不愿意看到的。那么此时,合法道德的网络攻击是被需要的。Web站点指纹识别攻击可以利用加密流量泄露的旁路信息识别Web站点。
指纹识别攻击利用预先构建的指纹序列,完成对加密Web流量的识别。最长公共子序列(LCS)算法可以有效地获取两个字符串的匹配序列,因而适合于Web站点指纹序列的匹配与识别。本毕业论在对HTTPS加密后的Web站点流量信息进行采集与分析的基础上,主要利用提取的对象大小信息建立指纹库,监听端口,捕捉到的数据属性建立站点指纹后,利用最长公共子序列算法实现简单的Web站点指纹识别。关键词 HTTPS Web指纹识别 LCS,8406
毕业设计说明书(论文)外文摘要
Title Website Fingerprinting based on LCS
Abstract
From business to government departments to inpidual families, more and more users use the network to handle affairs, the exchange of information and transactions. These are inevitably involves the issue of network security, especially the problem of authentication and encryption.Currently, the most simple solution of improving the site information security is to utilize SSL technology to realize the WEB security access. But some information we need urgently such as illegal operations, important clues of financial activities is also safe and protected, obviously we don't want to see that. Then, the legitimate moral network attack is needed.
Fingerprint identification attacks using pre-built fingerprint sequences, completion of the encrypted Web flow identification. The longest common subsequence ( LCS ) algorithm can effectively obtain a string matching sequence and thus is suitable for Web site fingerprint sequence matching and recognition. We collect and analyse the encrypted Web flow information in HTTPS. The essay mainly uses the object length information captured from the web to establish website fingerprint database. Monitor port to capture the data attribute to establish fingerprint, using longest common subsequence algorithm to achieve a simple website fingerprint recognition.
Keywor¬¬ds HTTPS Website Fingerprint LCS
目 次
1 引言 1
1.1 项目背景与意义 1
1.2 研究现状 1
1.3 本文的主要工作 2
1.4 本文的组织 2
2 相关原理与技术 2
2.1 HTTPS协议 2
2.2 Winpcap 6
2.3 LCS算法 9
3 系统设计与实现 10
3.1 系统体系结构 10
3.2 模块设计与实现 11
3. 3 影响系统实现因素 15
3. 4 系统运行 16