Internet-protocols obfuscating encoding algorithms effectiveness measurement methods


DOI: 10.34759/trd-2020-115-12

Аuthors

Nevolin A. O.

e-mail: nevolin.ao@yandex.ru

Abstract

Data encryption is not always possible today. In some situations attacker does not actually need to decode information – he just can organize DDOS-attack and turn attacked system off for a some (maybe long) time. If information system uses encryption protocols, it’s always a good hint for security analyst – if data is encrypted, that means than there is something important.

There are some ways to protect data and whole system – by alternative methods of secure data processing, digital steganography for example. A new method is protocol masking. In this way we encode some protocol so it looks like another. So attacker does not actually know what kind of information is transferred through channel that he is listening.

While encoding one protocol as another we must remember to keep it’s basic characteristic similar to referenced protocol. If we don’t, attacker can easily not only detect fact of masking, but also find out which protocol we used originally. So we need some metrics to describe measure of information “protectiveness”. These metrics can be, for example, statistical characteristics of protocol. If we keep them the same, the fact of protocol change will not be discovered by security analyst.

This article describes offered model of whole system. Also it proposes a models of attacker and legal user. Some strong mathematical measures of encoding efficiency are then introduced. They are based on statistical characteristics (commands or their parameters probability and other). Finally, some methods of XML-based protocols obfuscation are described and analyzed at the point of view of proposed characteristics.

Keywords:

information security, encryption, steganography, man in the middle, hidden dataflow

References

  1. Gurevich O.S., Kessel’man M.G., Trofimov A.S., Chernyshov V.I. Trudy MAI, 2017, no. 94. URL: http://trudymai.ru/eng/published.php?ID=81143

  2. Titov A.G., Neretin E.S., Dudkin S.O., Brusnikin P.M. Trudy MAI, 2019, no. 105. URL: http://trudymai.ru/eng/published.php?ID=104257

  3. Romanov A.M., Gringoli F., Sikora A. Trudy MAI, 2019, no. 108. URL: http://trudymai.ru/eng/published.php?ID=109522. DOI: 10.34759/trd-2019-108-13

  4. Shikhin S.M. Trudy MAI, 2019, no. 109. URL: http://trudymai.ru/eng/published.php?ID=111442. DOI: 10.34759/trd-2019-109-28

  5. Khummanee S., Khumseela A., Puangpronpitag S. Towards a new design of firewall: Anomaly elimination and fast verifying of firewall rules, 2013 10th International Joint Conference on Computer Science and Software Engineering (JCSSE), 29 – 31 May 2013, Thailand. DOI:10.1109/JCSSE.2013.6567326

  6. Sheng H., Wei L., Zhang C., Zhang X. Privacy-Preserving Cloud-Based Firewall for IaaS-based Enterprise, 2016 International Conference on Networking and Network Applications (NaNA), 23 – 25 July 2016, Hakodate, Japan. DOI: 10.1109/NaNA.2016.37

  7. Wei L., Hongyu L., Xiaoliang Z. A network data security analysis method based on DPI technology, 2016 7th IEEE International Conference on Software Engineering and Service Science (ICSESS), 26  – 28 August 2016, Beijing, China, DOI: 10.1109/ICSESS.2016.7883228

  8. Nagpal B., Sharma P., Chauhan N., Panesar A. DDoS tools: Classification, analysis and comparison, 2015 2nd International Conference on Computing for Sustainable Global Development (INDIACom), 11 – 13 March 2015, New Delhi, India.

  9. Wu Z., Wang C., Zeng H. Research on the comparison of Flood DDoS and Low-rate DDoS, 2011 International Conference on Multimedia Technology, 26 – 28 July 2011, Hangzhou, China. DOI: 10.1109/ICMT.2011.6002141

  10. Zelenskii M.D. IV Vserossiiskaya nauchno-tekhnicheskaya konferentsiya “Studencheskaya nauka dlya razvitiya informatsionnogo obshchestva”: sbornik materialov, Stavropol’, Severo-Kavkazskii federal’nyi universitet, 2016, pp. 241 – 243.

  11. Davis S., Burnett I. Collaborative Editing using an XML Protocol. TENCON 2005, 2005 IEEE Region 10 Conference, pp. 1-5. DOI: 10.1109/TENCON.2005.300936

  12. Abramov M.V., Shek V.M. Gornyi informatsionno-analiticheskii byulleten’, 2004, no. 4, pp. 134 – 137.

  13. Brazhuk A.I. II Vserossiiskaya nauchnaya konferentsiya s mezhdunarodnym uchastiem “Informatsionnye tekhnologii v modelirovanii i upravlenii”: podkhody, metody, resheniya: sbornik trudov, Tol’yatti, Izdatel’ Kachalin Aleksandr Vasil’evich, 2019, pp. 435 – 442.

  14. Peng Y., Chen Y., Shen B. An Adaptive Approach to Recommending Obfuscation Rules for Java Bytecode Obfuscators, 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), 15 – 19 Jul 2019, Milwaukee, USA. DOI: 10.1109/COMPSAC.2019.00023

  15. Sipakov D.S., Gubenko N.E. Vseukrainskaya nauchno-tekhnicheskaya konferentsiya aspirantov i molodykh uchenykh “Informatsionno-upravlyayushchie sistemy i tekhnologii”, Donetsk, DonNTU, 2014, pp. 37 – 42.

  16. Ivanov P.S. Obfuskatsiya i zashchita programmnykh produktov. URL: http://citforum.ru/security/articles/obfus

  17. Nevolin A.O. Elektrosvyaz’, 2019, no. 8, pp. 49 – 52.

  18. Venttsel’ E.S., Ovcharov L.A. Teoriya veroyatnostei i ee inzhenernye prilozheniya (Theory of Probabilities and its Engineering applications), Moscow, Nauka, 1988, 480 p.

  19. Kibzun A.I., Goryainova E.R., Naumov A.V., Sirotin A.N. Teoriya veroyatnostei i matematicheskaya statistika: bazovyi kurs s primerami i zadachami (Probability theory and mathematical statistics. Basic course with examples and tasks), Moscow, Fizmatlit, 2002, 224 p.

  20. Nevolin A.O. VIII Mezhdunarodnaya nauchno-tekhnicheskaya konferentsiya "Grazhdanskaya aviatsiya na sovremennom etape razvitiya nauki, tekhniki i obshchestva: tezisy dokladov, Moscow, Izd-vo MGTU GA, 2008, pp. 70 – 71.


Download

mai.ru — informational site MAI

Copyright © 2000-2024 by MAI

Вход