| The identification of encrypted network traffic has been an active research topic in network security in recent years. It is a sub-problem of traffic identification and classification, and is mainly concerned with using various technologies to identify and classify encrypted traffic in order to keep networks safe. There are three kinds of technologies: payload-based, feature-based and port-based. If the identification of encrypted traffic can be made effective, accurate and fast, then many malicious attacks and much harmful traffic can be blocked, and the security of the whole network environment will be greatly improved. This thesis studies a protocol used in Shadowsocks, a frequently used proxy. The characteristics of the encrypted traffic produced by the protocol are analyzed and the security of the protocol is discussed. In view of the security deficiencies of this protocol, this thesis also proposes different improvement schemes. Three versions of AKE protocols can solve the problem that the software protocol does not satisfy forward security and authentication. A TLS proxy can solve the problem that the software protocol does not satisfy forward security, authentication and integrity. To address the leakage problem, this thesis also proposes a padding algorithm and its corresponding reduction algorithm. |