| In the network communication security, the traditional network security is mainly focused on the protection for the data and information, namely the communication data encryption and hiding. But this way can’t effectively protect the identity information of both side communicators, and the attacker can also capture the information of both side communicators and analyze the relationship between them. To overcome the shortcomings of the traditional network communications security, many kinds of anonymous communication systems have been designed. By communicating through the anonymous communication systems, the identity information of the two side communicators can be hidden effectively. Currently, anonymous communication systems have become an important approach to protect the identity information for network communicators.However, anonymity is a double-edged sword. The normal users can protect the identity information from leaking through the anonymous system; while the malicious users can take advantage of anonymity features to do some illegal network activities. In the Onion Routing anonymous system, users could join and leave at any time as they wish. The system is open for all users to join into it to communicate, while other users could not recognize the identity information. But this is easy to be taken advantage by malicious users, such as joining anonymous system to be malicious node, publishing comments and rumors that threaten country security or implementing the DDOS attack, etc. Thus, it’s significant to control anonymous network traffic and alleviate the abuse of anonymous Internet.I2P anonymous communication system is a widely adopted communication system except Tor. The major contents of this thesis are focused on I2 P anonymous communication protocol analysis and traffic detection. Based on the analysis of its protocol, this thesis proposes an improved detection approache which based on multiple network flow filtering,regarding to existed traffic detection approach drawbacks.and proposes an improved algorithm which regarding to the feature selection algorithm based on mutual information drawbacks.The major contributions of this thesis are as follows: 1. In terms of anonymous communication protocol, detailed analysis of its source code, running principles, datagram length features are given; 2. In terms of I2 P anonymous traffic detection, based on its datagram length entropy filter, proposing an improved approach to filter unknown traffics firstly; 3.On the basis of I2 P first stage datagram characteristic, this thesis proposes a proposed a filtering method which based on the datagram length sequence; and a filtering method which based on the relative entropy;4. Implementing a prototype system based on these three approaches and evaluate its accuracy and efficiency with tests. |
PDF Full Text Request