| 引用本文: |
-
庄理淇,张行,李静,魏冬,张萌,黄伟庆.基于资源块时间占用特征的长时被动应用程序识别技术[J].信息安全学报,已采用 [点击复制]
- Zhuang Liqi,Zhang Hang,Li Jing,Wei Dong,Zhang Meng,Huang Weiqing.Long-term Passive Application Identification Technology Based On the Time Occupation Regularity of Resource Blocks[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 基于资源块时间占用的被动的应用程序识别技术是一种无形的隐私威胁,这种技术在没有任何先验知识的前提下,通过挖掘不同应用程序在上行控制信道资源占用上的潜在规律,反映出不同应用程序的流量模式,揭示移动终端正在运行的应用程序。相较于传统的网络层以及链路层的流量识别技术,该技术无需通过物理接入网络获取网络层流量数据,也不需要复杂的解调解码过程获取链路层明文传输的流量数据,并且在难以获取完整通信数据的现实场景中,仍然可以实现用户应用程序的识别。针对物理层缺乏用户标识符的现实场景,该方法引入设备发射电磁信号的极化状态特征,实现不同终端控制信道资源占用数据的分离。在此基础上,基于极化状态的稳定性、差异性以及上行控制信道资源块调度的相关性,解决了用户数据不完整的问题,实现了长时间内用户流量数据的捕获。针对本文提出的应用程序识别算法,我们在LTE模拟环境中进行了实验验证。实验结果表明,本文提出的方法在单用户场景下达到了92%的识别准确率。这种高准确率源于上行控制信道资源块的时间占用特征与应用程序的流量时间信息之间的对应关系。此外,本文考虑了多种现实因素的影响,并在多终端同时通信场景下,验证了极化状态特征分离不同终端的有效性以及该技术长时追踪用户的可行性。为了验证该技术的延展性,本文将该技术扩展到NR模拟环境中,达到了90%的准确率。 |
| 关键词: 应用程序识别技术 蜂窝网络 极化状态 资源块调度规律 上行控制信道 |
| DOI: |
| 投稿时间:2024-10-15修订日期:2025-01-16 |
| 基金项目:国家重点研发计划 |
|
| Long-term Passive Application Identification Technology Based On the Time Occupation Regularity of Resource Blocks |
|
Zhuang Liqi, Zhang Hang, Li Jing, Wei Dong, Zhang Meng, Huang Weiqing
|
| (Institute of Information Engineering,CAS) |
| Abstract: |
| The passive application identification technique based on resource block time occupancy poses an invisible privacy threat. This approach, without any prior knowledge, analyzes the potential patterns of resource occupancy on physical uplink control channel by different applications, revealing the traffic patterns and running applications on mobile terminals. Unlike traditional network layer and datalink layer traffic identification technologies, this method does not require physical network access to obtain network layer traffic data, nor does it need complex demodulation and decoding to access plaintext datalink layer traffic data. Even when complete communication data is difficult to obtain, it can still identify user applications. In scenarios where the physical layer lacks user identifiers, this method introduces the polarization state characteristics of electromagnetic signals emitted by devices to differentiate the resource occupancy data of different terminal control channels. By leveraging the stability and diversity of polarization states, along with the correlation of physical uplink control channel resource block scheduling, the issue of incomplete user data is addressed, allowing for long-term capture of user traffic data. We validated the proposed application identification algorithm in an LTE simulation environment. The experimental results indicate that the method achieves a 92% identification accuracy in a single-user scenario. This high accuracy stems from the correlation between the time occupancy features of resource blocks and the application's traffic timing information. Additionally, the study considers various real-world factors and demonstrates the effectiveness of polarization state characteristics in distinguishing between different terminals in multi-user communication scenarios, confirming the feasibility of long-term user tracking. To verify the extensibility of this technique, we expanded it to an NR simulation environment, achieving a 90% accuracy rate. |
| Key words: Application identification technology Cellular network Polarization state Resource block scheduling regularity Physical uplink control channel |
