| Summary: | Tor is an anonymous network mechanism that provides services for hiding traffic sources, but it has the problem that the entry traffic flows of Tor are clearly identifiable. Bridge protocols such as obfs4 come into being to solve this problem, which brings new challenges that have not yet been overcome. An IPD interval scheme is proposed, which uses the clustering characteristics of k-means to improve the original scheme, so that the added flow watermark can be detected efficiently in the three modes of obfs4 bridges. The results of experiments show that the improved algorithm has higher detection rate and recognition rate, and has good adaptability to variable netflow traffic, which is conducive to the construction of a nice secure network environment.
|
|---|