| Summary: | 碩士 === 國立臺灣海洋大學 === 資訊工程學系 === 98 === As the realization of security and privacy issues on data network access, modern network protocols tend to adopt cryptographic technologies on data exchanging. Therefore, people who do not know the secret keys are not able to extract readable information from encrypted data stream. However, in addition to benefit brought by data encryption, encrypted streams also introduce difficulties for network management. An ISP who controls peer-to-peer bandwidth usage based on payload identification may be failed due to E-mails based on context may be also failed due to encryption of mail message. Hence, identifying and clustering encrypted network streams is relatively important with which data encryption technologies may be used as tools to penetrate security and access control policies.
In this thesis, we research, evaluate, and design generic algorithms to identify encrypted network data streams. First, we pick proper algorithms that are able to measure the randomness of byte streams. Based on these algorithms, we design methods to identify unencrypted data, encrypted data, and encrypted and then encoded data. The proposed solution is evaluated by detecting encrypted data streams from both self-generated and campus network traces. The results show that the proposed solution achieves a high detection rate and low error rates for both regular encrypted data and encoded encrypted data.
|
|---|
