CN115225383A - Online Web site defense method based on countermeasure patch - Google Patents

Online Web site defense method based on countermeasure patch Download PDF

Info

Publication number
CN115225383A
CN115225383A CN202210852629.3A CN202210852629A CN115225383A CN 115225383 A CN115225383 A CN 115225383A CN 202210852629 A CN202210852629 A CN 202210852629A CN 115225383 A CN115225383 A CN 115225383A
Authority
CN
China
Prior art keywords
patch
countermeasure
defense
padding
web site
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210852629.3A
Other languages
Chinese (zh)
Inventor
顾晓丹
兰威
杨明
黄茜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southeast University
Original Assignee
Southeast University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southeast University filed Critical Southeast University
Priority to CN202210852629.3A priority Critical patent/CN115225383A/en
Publication of CN115225383A publication Critical patent/CN115225383A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses an online Web site defense method based on a countermeasure patch, which comprises the steps of firstly calculating a key area of network flow data; and generating an anti-patch: firstly, analyzing the difference between online and offline defense scenes, limiting the generation process of a countermeasure patch, then providing a key area-oriented non-target pertinence countermeasure patch generation algorithm, and generating a countermeasure patch corresponding to each site; and finally, injecting an anti-patch: the injection process is based on a WFPadTools framework to design a Tor plug-in, firstly, plug-in deployment is carried out at a Tor user side and a bridge side, then, a control message is designed for communication between the user side and the bridge side, and finally, the countermeasure patch is injected online according to a set strategy. The invention improves the practicability of the fingerprint defense of the Web site by utilizing the anti-patch technology and designing the patch injection scheme.

Description

Online Web site defense method based on countermeasure patch
Technical Field
The invention relates to a Web site fingerprint defense technology, belongs to the technical field of Traffic Analysis (Traffic Analysis) and anonymous Network (Anonymity Network), and particularly relates to an online Web site defense method based on a countermeasure patch.
Background
The continuous development of the internet has led to continuous innovation of Web technologies, and the Web carries an increasingly large number of service types, which also contain a large amount of user privacy data. The Web site fingerprint attack is a technology for extracting target site features by using a channel measurement analysis method so as to identify sites, firstly, an anonymous communication system is used for simulating a user to access a target supervision site to obtain flow, and a fingerprint is formed and a model is established for the obtained flow extraction mode features; and then extracting the same characteristics from the anonymous traffic generated by the actual access of the user to identify so as to presume the actual site accessed by the user. Therefore, the research on the defense technology is of great significance to the protection of the privacy of the user. However, existing defense technologies for deep learning of the Web site fingerprint attack are all in an offline scene, and a defender needs to generate a theoretical optimization defense strategy for a single flow after obtaining a flow data set, so that the defense method cannot be effectively deployed in a real environment, and the practicability of the Web site fingerprint defense method is greatly reduced.
Disclosure of Invention
The purpose of the invention is as follows: aiming at the problem that the practicability of a Web site fingerprint defense technology is poor in a real scene, the invention provides an online Web site defense method based on a countermeasure patch.
The invention adopts the following technical scheme:
an online Web site defense method based on countermeasure patches comprises the following steps:
(1) Determining a key area: dividing the network traffic sequence of the station into a plurality of areas, and calculating the contribution degree of each area to the classification result, wherein the area with higher contribution degree is called a key area. Determining the critical area may help defenders find a good injection location.
(2) Anti-patch generation: analyzing the difference between online and offline defense scenes, limiting the generation process of the countermeasure patch, and generating a key region-oriented non-target countermeasure patch
(3) Anti-patch injection: designing a Tor plug-in based on a WFPadTools framework, deploying at a Tor client and a bridge client, and injecting the anti-patch online according to an injection position l.
Further, the step (1) specifically includes:
(11) Inputting the network flow sequence into the convolutional neural network and obtaining the output A of the last convolutional layer and the target label score y c (i.e., without the value of softmax passed). Wherein A contains Z characteristic maps in total, and the size of each characteristic map is Z =1*I. The value of the ith column in the kth feature map is
Figure BDA0003755252720000011
(12) Calculating the gradient of each value in the characteristic diagram by using back propagation
Figure BDA0003755252720000021
As shown in equation (1), and the gradient of the feature map
Figure BDA0003755252720000022
Averaging to obtain the weight of the feature map
Figure BDA0003755252720000023
As shown in equation (2):
Figure BDA0003755252720000024
Figure BDA0003755252720000025
(13) Obtaining the weight of the characteristic diagram, and then obtaining the value A of each characteristic diagram k And weight
Figure BDA0003755252720000026
Adding the multiplied values to obtain the contribution degree f of each point c The calculation process is shown in formula (3):
Figure BDA0003755252720000027
(14) Degree of contribution f c Performing ReLU operation to obtain L c Is prepared by mixing L c The data are divided into a plurality of groups according to the length 50, and the contribution degrees of each element in the groups are added to obtain the group contribution degree.
Further, the step (2) specifically includes:
(21) Limiting patch elements to be +1 or-1, splitting the patch into a plurality of small patches, setting the first element of each small patch to be-1 and the last element to be +1;
(22) Calculating the number N of the small patches according to the length L of the network flow sequence, the bandwidth load percentage B and the small patch length plen, as shown in a formula (4):
Figure BDA0003755252720000028
(23) Obtaining a flow key area through the step (1), and selecting a key area with high front Q contribution degree of the front group to obtain an injection position l;
(24) The countermeasure patch is generated as shown in equation (5):
Figure BDA0003755252720000029
wherein X is a source site traffic data set, s represents an injection position, psi represents a patch injection mode of network traffic, and y t Representing the site label, F representing the fingerprint classifier of the Web site, and the loss function uses the cross entropy of the crossEntropyLoss class, and updates the patch by maximizing the classification loss of the fingerprint classifier.
Further, the step (3) specifically includes:
(31) When a user initiates a site access request, a client records the directions of all data packets to generate a real-time data packet sequence;
(32) When the flow sequence reaches the injection position, the client loads the small patch at the position, caches the received uplink data packet into the Buffer, and sends a PADDING _ START control message and the number G of the filling messages to the bridge end;
(33) After receiving the PADDING _ START message, the bridge end firstly sends G-1 PADDING data messages, and finally sends a PADDING _ STARTED control message to inform the client of the START of filling;
(34) Alternately sending the PADDING data message according to the small patch strategy;
(35) After the small patch injection is finished, the client sends a PADDING _ END message and sends a data packet cached in the Buffer;
(36) After receiving the PADDING _ END message, the network bridge END sends a data packet cached in the Buffer;
(37) And repeating the processes (31) to (36), and injecting each confrontation small patch according to the confrontation patch strategy.
Has the advantages that: compared with the prior art, the invention has the following remarkable advantages:
1. and determining a key area of the flow, finding a position more suitable for inserting a patch, and reducing bandwidth overhead and practice overhead brought by defense while improving the success rate of the defense.
2. Most Web site fingerprint defense schemes generate a theoretical optimized defense strategy aiming at single flow, and the invention generates a general countermeasure patch for each site by utilizing a countermeasure patch technology, can adapt to network flow change generated by problems such as network delay and the like, and improves the practicability of the Web site fingerprint defense technology.
3. The difference between the online defense scene and the offline defense scene is analyzed, and the generation process of the anti-patch is limited, so that the generated defense strategy better meets the requirements of the online scene, and the practicability of the Web site defense technology is improved.
Drawings
FIG. 1 is a schematic diagram of the defense scenario of the present invention.
Fig. 2 is a schematic diagram of determining a key area according to the present invention.
Fig. 3 is a schematic diagram of the anti-patch injection process of the present invention.
Detailed Description
The invention designs and realizes an online Web site fingerprint defense technology based on a countermeasure patch, which is divided into three parts, namely key area determination, countermeasure patch generation and countermeasure patch injection. The method specifically comprises the following steps:
key zone determination
Dividing the network traffic sequence of the station into a plurality of areas, and calculating the contribution degree of each area to the classification result, wherein the area with higher contribution degree is called a key area. Determining a key region can help defenders to find a good injection position and destroy a flow sequence in the region, and the key region determination process is shown in fig. 2:
inputting the network flow sequence into the convolutional neural network and obtaining the output A of the last convolutional layer and the target label score y c (i.e., without the value of softmax passed). Wherein A contains Z feature maps, and the size of each feature map is Z =1*I. The value of the ith column in the kth feature map is
Figure BDA0003755252720000031
Calculating the gradient of each value in the feature map by using back propagation
Figure BDA0003755252720000032
As shown in equation (1), and the gradient of the feature map
Figure BDA0003755252720000033
Averaging to obtain weights of feature maps
Figure BDA0003755252720000034
As shown in equation (2). Obtaining the weight of the characteristic diagram, and then obtaining the value A of each characteristic diagram k And weight
Figure BDA0003755252720000035
Adding the multiplied values to obtain the contribution degree f of each point c The calculation process is shown in formula (3).
Figure BDA0003755252720000036
Figure BDA0003755252720000041
Figure BDA0003755252720000042
Degree of contribution f c Performing ReLU operation to obtain L c Is prepared by mixing L c The data are divided into a plurality of groups according to the length 50, and the contribution degrees of each element in the groups are added to obtain the group contribution degree. The specific algorithm flow is as follows:
Figure BDA0003755252720000043
resist patch generation
The countermeasure patch technology is derived from the field of computer vision, belongs to a method for injecting countermeasure disturbance, but different from the traditional countermeasure disturbance method, a defender is not limited to injecting tiny disturbance which is specific to an original sample and is difficult to detect, but places a target on a general countermeasure patch, and the classifier can output wrong target classes for generating good patches no matter the patches are placed at any positions of any samples. The scheme analyzes the difference between the online defense scene and the offline defense scene, limits the generation process of the countermeasure patch, and generates a non-target pertinence countermeasure patch facing to a key area.
The invention limits the generation process of the traditional countermeasure patch, so that the traditional countermeasure patch is better adapted to the online Web site fingerprint defense scene, and the specific algorithm flow is as follows:
Figure BDA0003755252720000051
firstly, calculating a contribution score Socre of a source station group through (1), then calculating the minimum length L of a station traffic sequence in a source station traffic data set, and setting an original station traffic data set X w The length p _ len of each section of small patch, the bandwidth load percentage B, the iteration times T, the classification model M and the Loss function Loss are used as parameters and input into the algorithm.
The algorithm firstly obtains the maximum number of the filling packets which can be injected by calculating L & ltB & gt, and then divides the result by plen to obtain the number N of the small patches, namely the small patches are required to be injected into N groups, and the size of N does not exceed the total number of the groups. And then, initializing N small patches by the algorithm to form a complete confrontation patch, and selecting a group with high contribution degree front Q from the group contribution scores to obtain an injection position S. Next, injecting a countermeasure patch into each original network traffic sequence according to the injection position S, specifically, for each key region, randomly selecting an injection position in the region by the algorithm to perform small patch injection, because the patch cannot be guaranteed to be accurately injected to the specified position in the online traffic injection process, and therefore, the randomly selecting a position can guarantee that the patch has robustness to the change of the injection position inside the region.
Thereafter, the algorithm calculates the loss value after patch injection and updates the patch element values by back-propagation using Stochastic Gradient Descent (SGD). To apply the SGD, we relax the constraint on the elements within the patch during the patch optimization, allowing its value to be a continuous value between [ -1,1], and after the optimization ends we turn it to-1 for elements less than 0 within the patch and +1 for elements greater than 0 within the patch. This approach is widely used to solve the discrete optimization problem and ensure smooth back propagation. And finally, iterating for T times to generate a countermeasure patch which is universal to the site.
Resist patch injection
And the Tor user side and the Tor bridge side are required to be matched with each other for the anti-patch injection, and the generated anti-patch sequence is injected into the flow sequence in real time according to the patch position. Therefore, the Tor plug-in is written by means of the WFPadTools open source framework to realize network packet delay and injection of virtual packets.
The present invention uses modifications to the torrc file to enable Tor to use custom plug-ins and bridges for network traffic transport. The core configuration is as follows:
client configuration
Figure BDA0003755252720000061
Bridge end configuration
AssumeReachable 1
PublishServerDescriptor 0
Exitpolicy reject*:*
ORPort 4053
BridgeRelay 1
ServerTransportListenAddrMLPatch 0.0.0.0:40535
ServerTransportPluginMLPatch exec/wfpadtools/bin/obfsproxy\
--log-min-severity=debug\
--log-file=/root/mlpatch_server/mlpatch-server.log\
managed
As shown in fig. 3, the anti-patch injection process is performed in two states, namely a normal state and a filling state, where in the normal state, the two ends do not delay and fill the message, and only forward the received message, and in the filling state, the two ends store the received message in a Buffer and send the filling message to each other. When a user initiates a site access request, the client records the direction of each data packet and generates a real-time data packet sequence. Once the flow sequence reaches the filling point, the client loads the countermeasure patch firstly, switches the state of the client to the filling state, caches the received uplink data packet into the Buffer, and finally sends a PADDING _ START control message and the quantity G of the filling message to the bridge end. After receiving the PADDING _ START message, the bridge end first converts the state of the bridge end into a filling state, then sends G-1 PADDING data messages, and the last message sends PADDING _ STARTED to inform the client that filling is STARTED and the first segment of message is sent completely. After receiving the PADDING _ STARTED message, the client side continues to send the PADDING message according to the anti-patch strategy. And finally, the client sends a PADDING _ END message until the patch filling is finished, switches the state of the client into a normal state and sends the data packet cached in the Buffer. After receiving the PADDING _ END message, the network bridge END also switches the state to a normal state and sends the data packet cached in the Buffer. And completing the injection of one small patch, and repeating the operations for each small patch in the patch to finally complete the injection of the countermeasure patch.
Finally, it should be noted that: the above embodiments are only used for illustrating the technical solutions of the present application and not for limiting the scope of protection thereof, and although the present application is described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that: numerous variations, modifications, and equivalents will occur to those skilled in the art upon reading the present application and are within the scope of the claims appended hereto.

Claims (4)

1. An online Web site defense method based on countermeasure patches is characterized by comprising the following steps:
(1) Calculating a key area of the network traffic data: in the key area calculation process, a network flow sequence of a site is divided into a plurality of areas, and the group contribution degree of each area to a classification result is calculated, wherein the area with higher group contribution degree is called a key area;
(2) Generating a countermeasure patch: firstly, analyzing the difference between online and offline defense scenes, limiting the generation process of a countermeasure patch, then providing a key area-oriented non-target pertinence countermeasure patch generation algorithm, and generating a countermeasure patch corresponding to each site;
(3) The countermeasure patch is injected: the injection process is based on a WFPadTools framework to design a Tor plug-in, firstly, plug-in deployment is carried out at a Tor user side and a bridge side, then, a control message is designed for communication between the user side and the bridge side, and finally, the countermeasure patch is injected online according to a set strategy.
2. The method of claim 1, wherein the online Web site defense based on countermeasure patches comprises: the specific process of the step (1) is as follows:
(11) Inputting the network flow sequence into the convolutional neural network and obtaining the output A of the last convolutional layer and the target label score y c (ii) a Wherein A contains Z feature maps in total, the size of each feature map is Z =1*I, and the value of the ith column in the kth feature map is
Figure FDA0003755252710000015
(12) Calculating the gradient of each value in the feature map by using back propagation
Figure FDA0003755252710000016
As shown in equation (1), and the gradient of the feature map
Figure FDA0003755252710000017
Averaging to obtain weights of feature maps
Figure FDA0003755252710000018
As shown in equation (2):
Figure FDA0003755252710000011
Figure FDA0003755252710000012
(13) Obtaining the weight of the characteristic diagram, and then obtaining the value A of each characteristic diagram k And weight
Figure FDA0003755252710000019
Adding the multiplied values to obtain the contribution degree f of each point c The calculation process is shown in formula (3):
Figure FDA0003755252710000013
(14) Degree of contribution f c Performing ReLU operation to obtain L c Is prepared by mixing L c The data are divided into a plurality of groups according to the length 50, and the contribution degrees of each element in the groups are added to obtain the group contribution degree.
3. The method of claim 1, wherein the online Web site defense based on countermeasure patches comprises: the step (2) specifically comprises:
(21) Limiting patch elements to be +1 or-1, splitting the patch into a plurality of small patches, setting the first element of each small patch to be-1 and the last element to be +1;
(22) Calculating the number N of the small patches according to the length L of the network flow sequence, the bandwidth load percentage B and the small patch length plen, as shown in a formula (4):
Figure FDA0003755252710000014
(23) Obtaining a flow key area through the step (1), and selecting a key area with high front Q contribution degree of the front group to obtain an injection position l;
(24) The countermeasure patch is generated as shown in equation (5):
Figure FDA0003755252710000021
wherein X is a source site traffic data set, s represents an injection position, psi represents a patch injection mode of network traffic, and y t Representing a site label, F representing a fingerprint classifier of the Web site, and a loss function uses cross entropy of a cross EntropyLoss class, and updates the patch by maximizing the classification loss of the fingerprint classifier.
4. The method of claim 1, wherein the method comprises: the step (3) specifically comprises:
(31) When a user initiates a site access request, a client records the directions of all data packets to generate a real-time data packet sequence;
(32) When the flow sequence reaches the injection position, the client loads the small patch at the position, caches the received uplink data packet into the Buffer, and sends a PADDING _ START control message and the number G of the filling messages to the bridge end;
(33) After receiving the PADDING _ START message, the bridge end firstly sends G-1 PADDING data messages, and finally sends a PADDING _ STARTED control message to inform the client of the START of filling;
(34) Alternately sending the PADDING data message according to the small patch strategy;
(35) After the small patch injection is finished, the client sends a PADDING _ END message and sends a data packet cached in the Buffer;
(36) After receiving the PADDING _ END message, the network bridge END sends a data packet cached in the Buffer;
(37) And repeating the processes (31) to (36), and injecting each confrontation small patch according to the confrontation patch strategy.
CN202210852629.3A 2022-07-20 2022-07-20 Online Web site defense method based on countermeasure patch Pending CN115225383A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210852629.3A CN115225383A (en) 2022-07-20 2022-07-20 Online Web site defense method based on countermeasure patch

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210852629.3A CN115225383A (en) 2022-07-20 2022-07-20 Online Web site defense method based on countermeasure patch

Publications (1)

Publication Number Publication Date
CN115225383A true CN115225383A (en) 2022-10-21

Family

ID=83612635

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210852629.3A Pending CN115225383A (en) 2022-07-20 2022-07-20 Online Web site defense method based on countermeasure patch

Country Status (1)

Country Link
CN (1) CN115225383A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180026994A1 (en) * 2016-07-22 2018-01-25 Alibaba Group Holding Limited Network attack defense system and method
CN112241790A (en) * 2020-12-16 2021-01-19 北京智源人工智能研究院 Small countermeasure patch generation method and device
CN113938291A (en) * 2021-09-03 2022-01-14 华中科技大学 Encrypted flow analysis defense method and system based on anti-attack algorithm

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180026994A1 (en) * 2016-07-22 2018-01-25 Alibaba Group Holding Limited Network attack defense system and method
CN112241790A (en) * 2020-12-16 2021-01-19 北京智源人工智能研究院 Small countermeasure patch generation method and device
CN113938291A (en) * 2021-09-03 2022-01-14 华中科技大学 Encrypted flow analysis defense method and system based on anti-attack algorithm

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
杨弋鋆;邵文泽;王力谦;葛琦;鲍秉坤;邓海松;李海波;: "面向智能驾驶视觉感知的对抗样本攻击与防御方法综述", 南京信息工程大学学报(自然科学版), no. 06, 28 November 2019 (2019-11-28) *

Similar Documents

Publication Publication Date Title
Cao et al. A many-objective optimization model of industrial internet of things based on private blockchain
CN113762530B (en) Precision feedback federal learning method for privacy protection
CN108574668B (en) DDoS attack flow peak value prediction method based on machine learning
CN111625820A (en) Federal defense method based on AIoT-oriented security
CN113313264B (en) Efficient federal learning method in Internet of vehicles scene
CN113422695B (en) Optimization method for improving robustness of topological structure of Internet of things
CN114363043B (en) Asynchronous federal learning method based on verifiable aggregation and differential privacy in peer-to-peer network
CN114257428B (en) Encryption network traffic identification and classification method based on deep learning
CN110381509B (en) Combined authentication method and server suitable for dynamic connection scene
CN112767226A (en) Image steganography method and system based on GAN network structure automatic learning distortion
CN114448660B (en) Internet of things data access method
CN113486337B (en) Network security situation element identification system and method based on particle swarm optimization
CN107016212A (en) Intention analysis method based on dynamic Bayesian network
CN107317756A (en) A kind of optimal attack paths planning method learnt based on Q
CN115225383A (en) Online Web site defense method based on countermeasure patch
CN110784487B (en) SDN node defense method based on data packet sampling inspection model
CN106603294A (en) Comprehensive vulnerability assessment method based on power communication network structure and state
CN113726809B (en) Internet of things equipment identification method based on flow data
CN115021986A (en) Construction method and device for Internet of things equipment identification deployable model
CN113938309A (en) DoS attack traffic generation system and method based on DCGAN network
CN115361221B (en) Website fingerprint identification defense system and method based on data poisoning
CN114528596A (en) Method for enhancing expandability of directed acyclic graph block chain based on deep learning
CN118432893A (en) Multi-sample website fingerprint defense method based on challenge sample filling
CN110020087A (en) A kind of distributed PageRank accelerated method based on similarity estimation
CN116401071B (en) Resource allocation method and system for edge calculation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination