Cargando…

An efficient hexadecimal network flow watermark method for tracking attack traffic

Network flow watermark technology is a traffic marking technique that embeds watermark information into the characteristics of network flows to mark and trace attack flows generated by network attackers. However, with the development of network attack techniques, the time and number of packets requi...

Descripción completa

Detalles Bibliográficos
Autores principales: Cui, Jun, Han, Keya, Sha, Lin, Liu, Wei, Zhang, Xiaofeng, Li, Guangxu
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Nature Publishing Group UK 2023
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10689431/
https://www.ncbi.nlm.nih.gov/pubmed/38036612
http://dx.doi.org/10.1038/s41598-023-48552-0
_version_ 1785152365642383360
author Cui, Jun
Han, Keya
Sha, Lin
Liu, Wei
Zhang, Xiaofeng
Li, Guangxu
author_facet Cui, Jun
Han, Keya
Sha, Lin
Liu, Wei
Zhang, Xiaofeng
Li, Guangxu
author_sort Cui, Jun
collection PubMed
description Network flow watermark technology is a traffic marking technique that embeds watermark information into the characteristics of network flows to mark and trace attack flows generated by network attackers. However, with the development of network attack techniques, the time and number of packets required for network attacks have decreased. Existing network flow watermark technologies fail to balance watermark robustness and efficiency, resulting in poor practicality. To address this issue, this paper proposes an efficient hexadecimal network flow watermark method. The method introduces an efficient interval watermark algorithm and utilizes an interval synchronization algorithm to self-learn watermark parameters, thereby improving the encoding efficiency of the watermark. The design of watermark start and end markers ensures the practicality of network watermarks, enabling traceability and source attribution of attack flows in real network environments. The proposed method is experimentally tested using real network traffic, and the results demonstrate that even in the presence of a network jitter, the watermark detection success rate of this scheme remains above 95%. Compared to other network flow watermark schemes, the hexadecimal network flow watermark proposed in this paper achieves a 50% improvement in encoding and decoding efficiency while ensuring robustness. It also exhibits excellent resistance to network jitter, packet loss, and false packet insertion.
format Online
Article
Text
id pubmed-10689431
institution National Center for Biotechnology Information
language English
publishDate 2023
publisher Nature Publishing Group UK
record_format MEDLINE/PubMed
spelling pubmed-106894312023-12-02 An efficient hexadecimal network flow watermark method for tracking attack traffic Cui, Jun Han, Keya Sha, Lin Liu, Wei Zhang, Xiaofeng Li, Guangxu Sci Rep Article Network flow watermark technology is a traffic marking technique that embeds watermark information into the characteristics of network flows to mark and trace attack flows generated by network attackers. However, with the development of network attack techniques, the time and number of packets required for network attacks have decreased. Existing network flow watermark technologies fail to balance watermark robustness and efficiency, resulting in poor practicality. To address this issue, this paper proposes an efficient hexadecimal network flow watermark method. The method introduces an efficient interval watermark algorithm and utilizes an interval synchronization algorithm to self-learn watermark parameters, thereby improving the encoding efficiency of the watermark. The design of watermark start and end markers ensures the practicality of network watermarks, enabling traceability and source attribution of attack flows in real network environments. The proposed method is experimentally tested using real network traffic, and the results demonstrate that even in the presence of a network jitter, the watermark detection success rate of this scheme remains above 95%. Compared to other network flow watermark schemes, the hexadecimal network flow watermark proposed in this paper achieves a 50% improvement in encoding and decoding efficiency while ensuring robustness. It also exhibits excellent resistance to network jitter, packet loss, and false packet insertion. Nature Publishing Group UK 2023-11-30 /pmc/articles/PMC10689431/ /pubmed/38036612 http://dx.doi.org/10.1038/s41598-023-48552-0 Text en © The Author(s) 2023 https://creativecommons.org/licenses/by/4.0/Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ (https://creativecommons.org/licenses/by/4.0/) .
spellingShingle Article
Cui, Jun
Han, Keya
Sha, Lin
Liu, Wei
Zhang, Xiaofeng
Li, Guangxu
An efficient hexadecimal network flow watermark method for tracking attack traffic
title An efficient hexadecimal network flow watermark method for tracking attack traffic
title_full An efficient hexadecimal network flow watermark method for tracking attack traffic
title_fullStr An efficient hexadecimal network flow watermark method for tracking attack traffic
title_full_unstemmed An efficient hexadecimal network flow watermark method for tracking attack traffic
title_short An efficient hexadecimal network flow watermark method for tracking attack traffic
title_sort efficient hexadecimal network flow watermark method for tracking attack traffic
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10689431/
https://www.ncbi.nlm.nih.gov/pubmed/38036612
http://dx.doi.org/10.1038/s41598-023-48552-0
work_keys_str_mv AT cuijun anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT hankeya anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT shalin anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT liuwei anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT zhangxiaofeng anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT liguangxu anefficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT cuijun efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT hankeya efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT shalin efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT liuwei efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT zhangxiaofeng efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic
AT liguangxu efficienthexadecimalnetworkflowwatermarkmethodfortrackingattacktraffic