利用包长特征的浏览器被动识别方法

doi:10.3969/j.issn.1001-2400.2017.06.025

Abstract

Abstract:

The browser, as the most frequently used network application software, is an important target of hackers. For network administrators, mastering the browsers used by network users can help them to discover the possible vulnerabilities in the host computers and take defensive measures expediently. In this paper, we propose a passive browser identification method by requesting the packet length. We make use of the difference in requesting the packet length when using different browsers to request the web content, and then achieve the browser identification by the clustering algorithm. The experiment shows that the recognition rate of the five most common browsers can reach more than 90％ in this way, and the time stability of the fingerprinting is also confirmed. This method does not increase the network traffic or interfere with the normal operation of the network, and it can identify web browsers under the condition of both non-encryption and encryption.

Key words: browser, passive identification, packet length, classification, feature stability

LIU Changjiang;WAN Jian;HAN Jiesi;WEI Qiang. Passive browser identification based on the packet length[J].Journal of Xidian University, 2017, 44(6): 144-149.

References

［1］ MALWARETIPS. Desk Top Browser Share Trend［EB/OL］.［2016-04-15］. https: //malwaretips. com/threads/desktop-top-browser-share-trend. 5543/.
［2］ STATCOUNTER . Top 5 Desktop Browsers from Jan to Dec 2015［EB/OL］.［2016-04-15］. http: //gs. statcounter. com/#desktop-browser-ww-monthly-201501-201512-bar.
［3］ ECKERSLEY P. How Unique Is Your Web Browser?［C］//Lecture Notes in Computer Science: 6205. Heidelberg: Springer Verlag, 2010: 1-18.
［4］ NIKIFORAKIS N, KAPRAVELOS A, JOOSEN W, et al. Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting［C］//Proceedings of the IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2013: 541-555.
［5］王维, 王伟平, 王建新. 一种基于升级浏览器指纹的用户识别方法［C］//第七届信息安全漏洞分析与风险评估大会论文集, 2014: 189-197.
［6］ SUN Q, SIMON D R, WANG Y M, et al. Statistical Identification of Encrypted Web Browsing Traffic［C］//Proceedings of the IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2002: 19-30.
［7］ SHI Y, BISWAS S. Website Fingerprinting Using Traffic Analysis of Dynamic Webpages［C］//Proceedings of the 2014 IEEE Global Communications Conference. Piscataway: IEEE, 2015: 557-563.
［8］ YUAN Z L, XUE Y B, XIA W. PPI: towards Precise Page Identification for Encrypted Web-browsing Traffic［C］//Proceedings of the 9th ACM/IEEE Symposium on Architectures for Networking and Communications Systems. Piscataway: IEEE, 2013: 109-110.
［9］ GONG X, BORISOV N, KIYAVASH N, et al. Website Detection Using Remote Traffic Analysis［C］//Lecture Notes in Computer Science: 7384.Heidelberg: Springer Verlag, 2012: 58-78.
［10］ YU J, CHAN-TIN E. Identifying Webbrowsers in Encrypted Communications［C］//Proceedings of the ACM Conference on Computer and Communications Security. New York: ACM, 2014: 135-138.
［11］柏骏, 夏靖波, 钟赟, 等. 网络运行态势感知技术及其模型［J］. 解放军理工大学学报: 自然科学版, 2015, 16(1): 16-22.
BAI Jun, XIA jingbo, ZHONG Yun, et al. Network Runing Situation Awareness Technology and Its Model［J］. Journal of PLA University of Science and Technology: Natural Science Edition, 2015, 16(1): 16-22
［12］杨洁, 刘聪锋. 模式匹配与校验和相结合的IP协议识别方法［J］. 西安电子科技大学学报, 2012, 39(3): 149-153.
YANG Jie, LIU Congfeng. IP Protocol Identification Method Using the Pattern Match and Check Sum［J］. Journal of Xidian University, 2012, 39(3): 149-153.
［13］ HECKERMAN D. A Tutorial on Learning with Bayesian Networks［C］//Learning in Graphical Models. Cambridge: MIT Press, 1999: 301-354.
［14］ BREIMAN L. Random Forests［J］. Machine Learning, 2001, 45(1): 5-32.
［15］ CHAU M, CHEN H C. A Maching Learning Approach to Web Page Filtering Using Content and Structure Analysis［J］. Decision Support System, 2008, 44(2): 482-494.
［16］ ALEXA. The Top 500 Sites on the Web［EB/OL］. ［2016-04-20］. http: //www. alexa. com/topsites.

[1]	ZHOU Jianyu,WEI Yinsheng,XU Rongqing. Improved ionospheric clutter classification method based on fuzzy C-means clustering [J]. Journal of Xidian University, 2021, 48(2): 35-41.
[2]	DUAN Chongdi,HAN Chaolei,YANG Zhiwei,ZHANG Qingjun. Inshore ambiguity clutter suppression method aided by clutter classification [J]. Journal of Xidian University, 2021, 48(2): 64-71.
[3]	LI Shan,ZHNAG Kun,SHUI Penglang. Ship length distribution modeling on China offshore and ability evaluation of radar ship classification [J]. Journal of Xidian University, 2021, 48(2): 84-91.
[4]	LI Hai,SHANG Jinlei,SUN Tingyi,FENG Qing,ZHUANG Zibo. Method for hydrometeor classification based on MC-DTSVMs [J]. Journal of Xidian University, 2020, 47(4): 132-140.
[5]	LIU Daohua,WANG Shasha,YANG Zhipeng,CUI Yushuang. Improved face image classification method based on the local embedding network [J]. Journal of Xidian University, 2020, 47(4): 18-23.
[6]	LI Jiang,FENG Cunqian,WANG Yizhe,XU Xuguang. Deep learning model for micro-motion classification of cone targets [J]. Journal of Xidian University, 2020, 47(3): 105-112.
[7]	ZHANG Zhichang,ZHANG Zhiman,ZHANG Zhenwen. Classifying health questions with local semantic and global structural information [J]. Journal of Xidian University, 2020, 47(2): 9-15.
[8]	YAN Lin,LIU Kai,DUAN Meiyu. Lightweight deep neural network for point cloud classification [J]. Journal of Xidian University, 2020, 47(2): 46-53.
[9]	SONG Jianfeng,WEI Yue,MIAO Qiguang,QUAN Yining,CHEN Yusheng. Urine cell image classification algorithm based on the squeeze and excitation mechanism [J]. Journal of Xidian University, 2020, 47(2): 39-45.
[10]	CAO Yi,HUANG Zilong,ZHANG Wei,LIU Chen,LI Wei. Urban sound event classification with the N-order dense convolutional network [J]. Journal of Xidian University, 2019, 46(6): 9-16.
[11]	XIAO Lijun,GUO Jichang,GU Xiangyuan. Algorithm for selection of features based on dynamic weights using redundancy [J]. Journal of Xidian University, 2019, 46(5): 155-161.
[12]	YANG Hongyu,NA Yuzhuo. Android malware detection model [J]. Journal of Xidian University, 2019, 46(3): 45-51.
[13]	SUN Chen, CHENG Liye. Spatial sensing matrix learning for PolSAR image classification [J]. Journal of Xidian University, 2018, 45(6): 92-98.
[14]	LI Xue, AI Lirong, ZHOU Xiaojing, ZHANG Kai. Automatic assessment of children's vision [J]. Journal of Xidian University, 2018, 45(6): 150-155.
[15]	ZHENG Ling;QIU Zhiliang;SUN Shiyong;PAN Weitao;WANG Weina;ZHANG Zhiyi. Two-step multiple flow table construction algorithm in the software-defined network [J]. Journal of Xidian University, 2018, 45(5): 25-31.

Passive browser identification based on the packet length

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Metrics

Comments

Recommended 10