基于对抗样本的流量特征隐藏方法

摘要/Abstract

摘要： 深度学习技术的不断发展给智能家居流量隐私保护带来新的挑战，传统的流量隐私保护技术不能有效抵御黑盒场景下的基于深度学习的流量分析攻击.为此，提出了一种基于对抗样本的流量特征隐藏方法，将流量数据转化为图像数据，借助迁移学习构建设备识别模型作为目标对抗模型，并根据流量特征构建生成器网络生成对抗样本.同时，训练网络学习普通流量和对抗样本之间的映射关系并将对抗样本中扰动的位置和大小进行限制，利用模型的迁移性实现黑盒场景中的设备流量隐私保护.实验结果表明，基于对抗样本的流量特征隐藏方法能够有效抵抗未知识别模型的攻击，保护了用户的隐私安全.

关键词: 智能家居, 隐私保护, 深度学习, 对抗样本, 流量特征隐藏

Abstract: The continuous development of deep learning poses new challenges for smart home traffic privacy protection. Traditional traffic privacy protection techniques cannot effectively defend against deep learningbased traffic analysis attacks in blackbox scenarios. To address this, this paper investigates a traffic feature obfuscation method based on adversarial samples. It transforms traffic data into image data, leverages transfer learning to build a device recognition model as the target adversarial model, and uses a generator network to construct adversarial samples based on traffic features. Simultaneously, the network is trained to learn the mapping relationship between regular traffic and adversarial samples while restricting the position and size of perturbations in the adversarial samples. This approach utilizes the model’s transferability to achieve device traffic privacy protection in blackbox scenarios. Experimental results demonstrate that the traffic feature obfuscation method based on adversarial samples can effectively resist attacks from unknown recognition models, thereby safeguarding user privacy.

Key words: smart home, privacy protection, deep learning, adversarial samples, traffic feature obfuscation

中图分类号:

TP393.08

李荣, 李乐言, . 基于对抗样本的流量特征隐藏方法[J]. 信息安全研究, 2024, 10(12): 1137-.

参考文献

［1］Misecurity. 消费级物联网安全基线［EBOL］. (20220207) ［20230716］. https:github.comMiSecurityCyberSecurityBaselineforConsumerInternetofThingsblobmainresourcespdf消费级物联网安全基线.pdf［2］徐金才, 任民, 李琦, 等.图像对抗样本的安全性研究概述［J］. 信息安全研究, 2021, 7(4): 294309［3］王志强, 都迎迎, 林雨衡, 等.基于文本关键词的对抗样本生成技术研究［J］. 信息安全研究, 2023, 9(4): 338346［4］佟萌. 基于对抗样本的网络欺骗流量生成方法研究［D］. 武汉: 华中科技大学, 2022［5］Szegedy C, Zaremba W, Sutskever I, et al. Intriguing properties of neural networks［J］. arXiv preprint, arXiv:1312.6199, 2013［6］Goodfellow I J, Shlens J, Szegedy C. Explaining and harnessing adversarial examples［J］. arXiv preprint, arXiv:1412.6572, 2014［7］Kurakin A, Goodfellow I J, Bengio S. Adversarial examples in the physical world［M］ Artificial Intelligence Safety and Security. London: Chapman and Hall, 2018: 99112［8］Dong Y, Liao F, Pang T, et al. Boosting adversarial attacks with momentum［C］ Proc of the IEEE Conf on Computer Vision and Pattern Recognition. Piscataway, NJ: IEEE, 2018: 91859193［9］Carlini N, Wagner D. Towards evaluating the robustness of neural networks［C］ Proc of the 2017 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2017: 3957［10］Papernot N, McDaniel P, Jha S, et al. The limitations of deep learning in adversarial settings［C］ Proc of the 2016 IEEE European Symp on Security and Privacy. Piscataway,NJ: IEEE, 2016: 372387［11］Sivanathan A, Gharakheili H H, Loi F, et al. Classifying IoT devices in smart environments using network traffic characteristics［J］. IEEE Trans on Mobile Computing, 2018, 18(8): 17451759［12］Luo X, Zhou P, Chan E W W, et al. HTTPOS: Sealing information leaks with browserside obfuscation of encrypted flows［C］ Proc of the Network and Distributed System Security Symposium. San Diego: NDSS, 2011［13］Mohajeri Moghaddam H, Li B, Derakhshani M, et al. Skypemorph: Protocol obfuscation for tor bridges［C］ Proc of the 2012 ACM Conf on Computer and Communications Security. New York: ACM, 2012: 97108［14］Apthorpe N, Huang D Y, Reisman D, et al. Keeping the smart home private with smart(er) IoT traffic shaping［J］. Proceedings on Privacy Enhancing Technologies, 2019, 2019(3):128148［15］李杰, 周路, 李华欣, 等.基于生成对抗网络的网络流量特征伪装技术［J］. 计算机工程, 2019, 45(12): 119126［16］胡永进, 郭渊博, 马骏, 等.基于对抗样本的网络欺骗流量生成方法［J］. 通信学报, 2020, 41(9): 5970［17］Wang W, Zhu M, Zeng X, et al. Malware traffic classification using convolutional neural network for representation learning［C］ Proc of the 2017 Int Conf on Information Networking (ICOIN). Piscataway, NJ: IEEE, 2017: 712717［18］He K, Zhang X, Ren S, et al. Deep residual learning for image recognition［C］ Proc of the IEEE Conf on Computer Vision and Pattern Recognition. Piscataway, NJ: IEEE, 2016: 770778［19］Simonyan K, Zisserman A. Very deep convolutional networks for largescale image recognition［J］. arXiv preprint, arXiv:1409.1556, 2014［20］Huang G, Liu Z, Van Der Maaten L, et al. Densely connected convolutional networks［C］ Proc of the IEEE Conf on Computer Vision and Pattern Recognition. Piscataway, NJ: IEEE, 2017: 47004708［21］Deng J, Dong W, Socher R, et al. ImageNet: A largescale hierarchical image database［C］ Proc of the 2009 IEEE Conf on Computer Vision and Pattern Recognition. Piscataway, NJ: IEEE, 2009: 248255［22］Campos D, OConnor T J. Towards labeling ondemand IoT traffic［COL］ Proc of the Cyber Security Experimentation and Test Workshop. 2021 ［20230716］. https:cset21.isi.edupaperscset219.pdf

[1]	郑嘉熙, 陈伟, 尹萍, 张怡婷, . 基于可解释性的不可见后门攻击研究[J]. 信息安全研究, 2025, 11(1): 21-.
[2]	李为, 袁泽坤, 吴克河, 程瑞, . 基于注意力机制和多尺度卷积神经网络的容器异常检测[J]. 信息安全研究, 2025, 11(1): 35-.
[3]	王庆楠, 王克, 陈辉焱, 辛红彩, 姚云飞, 王宇, . 理想格上基于身份的可截取签名方案[J]. 信息安全研究, 2025, 11(1): 57-.
[4]	周成胜, 孟楠, 赵勋, 邱情芳, . 基于深度学习的多会话协同攻击加密流量检测技术研究[J]. 信息安全研究, 2025, 11(1): 66-.
[5]	谷占新, 马利民, 王佳慧, 张伟, . 基于区块链的电子病历安全高效共享方法[J]. 信息安全研究, 2025, 11(1): 74-.
[6]	刘文龙, 文斌, 马梦帅, 杜宛蓉, 魏晓寻, . 多种深度学习融合的网络流量异常检测模型[J]. 信息安全研究, 2024, 10(E2): 54-.
[7]	卢轩, 吴建华, 龚一轩, 施天宇, . 基于LSTM的充电桩恶意流量入侵检测[J]. 信息安全研究, 2024, 10(E2): 134-.
[8]	徐元杰, 吴建华, 龚一轩, . 简析车联网网络安全[J]. 信息安全研究, 2024, 10(E2): 139-.
[9]	徐元杰, 吴建华, 龚一轩, . 简析车联网网络安全[J]. 信息安全研究, 2024, 10(E2): 139-.
[10]	范晓娟, 刘玉岭, 郑雯, . 数据治理中的监管比较研究[J]. 信息安全研究, 2024, 10(E2): 162-.
[11]	张富川, 吴金宇, 陈丽珍, 段古纳, 齐洪东, 刘诗瑶, . 云计算数据隐私保护可信计算方案研究[J]. 信息安全研究, 2024, 10(E2): 236-.
[12]	姚思诚, 陈海粟, 廖佳纯, . 公共数据开发中个人信息识别挑战[J]. 信息安全研究, 2024, 10(E2): 240-.
[13]	王秋杨, 郭卫红, . 跨国数据共享与隐私保护的挑战研究[J]. 信息安全研究, 2024, 10(E1): 54-.
[14]	顾芳铭, 况博裕, 许亚倩, 付安民, . 面向自动驾驶感知系统的对抗样本攻击研究综述[J]. 信息安全研究, 2024, 10(9): 786-.
[15]	韩刚, 马炜燃, 张应辉, 刘伟, 盛丽玲, . 物联网感知环境中抗投毒可验证安全联邦学习方案[J]. 信息安全研究, 2024, 10(9): 804-.