簡易檢索 / 詳目顯示
| 研究生: |
劉亞翰 Ya-han Liu |
|---|---|
| 論文名稱: | A SDN-based Approach for Flow Analysis Attack |
| 指導教授: |
張貴雲
Guey-yun Cheng |
| 口試委員: | |
| 學位類別: |
碩士 Master |
| 系所名稱: |
資訊電機學院 - 資訊工程學系 Department of Computer Science & Information Engineering |
| 論文出版年: | 2014 |
| 畢業學年度: | 102 |
| 語文別: | 英文 |
| 論文頁數: | 38 |
| 中文關鍵詞: | 軟體定義網路 、位置隱私 、流量分析攻擊 |
| 相關次數: | 點閱:13 下載:0 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
網路電話在現代社會變得越來越流行。隱私是一個網路電話重要的特性。 但不幸的是,大部份的點對點網路電話既不提供個人隱私也不保證一定的安全程度。在本文中我們提出了一種以K匿名為基礎的方式來防範特定攻擊者追蹤網路電話使用者的身份,並在不同的安全程度底下比較封包延遲時間以及通訊消耗。
VoIP (voice over IP) networks are becoming more and more popular in modern society. One of the most important features of a VoIP network is privacy (for VoIP users). Unfortunately, most peer-to-peer VoIP networks neither provide personalization nor guarantee a quantifiable privacy level. In this thesis, we propose a SDN-based approach to prevent flow analysis attack trying to trace user’s identity. Flow analysis attack will trace the flow which specific caller transmits, and try to find possible receiver, threat user’s privacy. We present the latency and number of packets in our method, while meeting customizable privacy guarantees.
[1] D. Anthony, T. Henderson, and D. Kotz. Privacy in location-aware computing environments. Pervasive Computing, IEEE, 6(4):64–72, Oct 2007.
[2] Marco Gruteser and Dirk Grunwald. Anonymous usage of locationbased services through spatial and temporal cloaking. In Proceedings of the 1st International Conference on Mobile Systems, Applications and Services, MobiSys’03, pages 31–42. ACM, 2003.
[3] T.J. Walsh and R. Kuhn. Challenges in securing voice over ip. Security Privacy, IEEE, 3(3):44–49, May 2005.
[4] M. Srivatsa, A. Iyengar, Ling Liu, and Hongbo Jiang. Privacy in voip networks: Flow analysis attacks and defense. Parallel and Distributed Systems, IEEE Transactions on, 22(4):621–633, April 2011.
[5] M. Reed D. Goldschlag and P. Syverson. Onion routing for anonymous and private internet connections. In Communications of ACM, 42(2):246–255, May 1999.
[6] S. Das, G. Parulkar, N. McKeown, P. Singh, D. Getachew, and L. Ong. Packet and circuit network convergence with openflow. In Optical Fiber Communication, collocated National Fiber Optic Engineers Conference, pages 1–3, March 2010.
[7] Natasha Gude, Teemu Koponen, Justin Pettit, Ben Pfaff, Martín Casado, Nick McKeown, and Scott Shenker. Nox: Towards an operating system for networks. SIGCOMM Comput. Commun. Rev., 38(3):105–110, July 2008.
[8] M. Srivatsa, A. Iyengar, and Ling Liu. Privacy in voip networks: A k-anonymity approach. In INFOCOM 2009, IEEE, pages 2856– 2860, April 2009.
[9] R. Braga, E. Mota, and A. Passito. Lightweight ddos flooding attack detection using nox/openflow. In Local Computer Networks (LCN), 2010 IEEE 35th Conference on, pages 408–415, Oct 2010.
[10] T. Kohonen. The self-organizing map. Proceedings of the IEEE, 78(9):1464–1480, Sep 1990.
[11] Yifu Feng, Rui Guo, Dongqi Wang, and Bencheng Zhang. Research on the active ddos filtering algorithm based on ip flow. In Natural Computation, 2009. ICNC ’09. Fifth International Conference on, volume 4, pages 628–632, Aug 2009.
[12] Stefan Saroiu, P. Krishna Gummadi, and Steven D. Gribble. A measurement study of peer-to-peer file sharing systems. 2003.
[13] http://en.wikipedia.org/wiki/IPsec. ”ipsec”.
[14] Alexander Ageev, Refael Hassin, and Maxim Sviridenko. A 0.5- approximation algorithm for max dicut with given sizes of parts. SIAM J. Discret. Math., 14(2):246–255, February 2001.
[15] http://mininet.org/. ”mininet”.
[16] http://www.projectfloodlight.org/floodlight/. ”project floodlight”. [17] http://estinet.com/. ”estinet”.
