Cargando…
An efficient hexadecimal network flow watermark method for tracking attack traffic
Network flow watermark technology is a traffic marking technique that embeds watermark information into the characteristics of network flows to mark and trace attack flows generated by network attackers. However, with the development of network attack techniques, the time and number of packets requi...
Autores principales: | , , , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
Nature Publishing Group UK
2023
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10689431/ https://www.ncbi.nlm.nih.gov/pubmed/38036612 http://dx.doi.org/10.1038/s41598-023-48552-0 |
_version_ | 1785152365642383360 |
---|---|
author | Cui, Jun Han, Keya Sha, Lin Liu, Wei Zhang, Xiaofeng Li, Guangxu |
author_facet | Cui, Jun Han, Keya Sha, Lin Liu, Wei Zhang, Xiaofeng Li, Guangxu |
author_sort | Cui, Jun |
collection | PubMed |
description | Network flow watermark technology is a traffic marking technique that embeds watermark information into the characteristics of network flows to mark and trace attack flows generated by network attackers. However, with the development of network attack techniques, the time and number of packets required for network attacks have decreased. Existing network flow watermark technologies fail to balance watermark robustness and efficiency, resulting in poor practicality. To address this issue, this paper proposes an efficient hexadecimal network flow watermark method. The method introduces an efficient interval watermark algorithm and utilizes an interval synchronization algorithm to self-learn watermark parameters, thereby improving the encoding efficiency of the watermark. The design of watermark start and end markers ensures the practicality of network watermarks, enabling traceability and source attribution of attack flows in real network environments. The proposed method is experimentally tested using real network traffic, and the results demonstrate that even in the presence of a network jitter, the watermark detection success rate of this scheme remains above 95%. Compared to other network flow watermark schemes, the hexadecimal network flow watermark proposed in this paper achieves a 50% improvement in encoding and decoding efficiency while ensuring robustness. It also exhibits excellent resistance to network jitter, packet loss, and false packet insertion. |
format | Online Article Text |
id | pubmed-10689431 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2023 |
publisher | Nature Publishing Group UK |
record_format | MEDLINE/PubMed |
spelling | pubmed-106894312023-12-02 An efficient hexadecimal network flow watermark method for tracking attack traffic Cui, Jun Han, Keya Sha, Lin Liu, Wei Zhang, Xiaofeng Li, Guangxu Sci Rep Article Network flow watermark technology is a traffic marking technique that embeds watermark information into the characteristics of network flows to mark and trace attack flows generated by network attackers. However, with the development of network attack techniques, the time and number of packets required for network attacks have decreased. Existing network flow watermark technologies fail to balance watermark robustness and efficiency, resulting in poor practicality. To address this issue, this paper proposes an efficient hexadecimal network flow watermark method. The method introduces an efficient interval watermark algorithm and utilizes an interval synchronization algorithm to self-learn watermark parameters, thereby improving the encoding efficiency of the watermark. The design of watermark start and end markers ensures the practicality of network watermarks, enabling traceability and source attribution of attack flows in real network environments. The proposed method is experimentally tested using real network traffic, and the results demonstrate that even in the presence of a network jitter, the watermark detection success rate of this scheme remains above 95%. Compared to other network flow watermark schemes, the hexadecimal network flow watermark proposed in this paper achieves a 50% improvement in encoding and decoding efficiency while ensuring robustness. It also exhibits excellent resistance to network jitter, packet loss, and false packet insertion. Nature Publishing Group UK 2023-11-30 /pmc/articles/PMC10689431/ /pubmed/38036612 http://dx.doi.org/10.1038/s41598-023-48552-0 Text en © The Author(s) 2023 https://creativecommons.org/licenses/by/4.0/Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ (https://creativecommons.org/licenses/by/4.0/) . |
spellingShingle | Article Cui, Jun Han, Keya Sha, Lin Liu, Wei Zhang, Xiaofeng Li, Guangxu An efficient hexadecimal network flow watermark method for tracking attack traffic |
title | An efficient hexadecimal network flow watermark method for tracking attack traffic |
title_full | An efficient hexadecimal network flow watermark method for tracking attack traffic |
title_fullStr | An efficient hexadecimal network flow watermark method for tracking attack traffic |
title_full_unstemmed | An efficient hexadecimal network flow watermark method for tracking attack traffic |
title_short | An efficient hexadecimal network flow watermark method for tracking attack traffic |
title_sort | efficient hexadecimal network flow watermark method for tracking attack traffic |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10689431/ https://www.ncbi.nlm.nih.gov/pubmed/38036612 http://dx.doi.org/10.1038/s41598-023-48552-0 |
work_keys_str_mv | AT cuijun anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT hankeya anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT shalin anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT liuwei anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT zhangxiaofeng anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT liguangxu anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT cuijun efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT hankeya efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT shalin efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT liuwei efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT zhangxiaofeng efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic AT liguangxu efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic |