To defend against timing-based attacks on anonymous communication systems, a defense based on packet delay normalization is proposed. The method adjusts every inter-packet interval in a data stream to a single fixed value, which prevents an attacker from embedding timing marks in the stream. The fixed value is set either empirically or by a moving average method. When an inter-packet interval is shorter than the value, it is prolonged; when it is longer than the value, one or more chaff packets are inserted. All inter-packet intervals thus become equal to the fixed value. Experiments on defending against timing watermark attacks show that the defensive effect is not influenced by the start time the attacker chooses or by the intervals used to embed the watermark. Experiments in a real network environment show that the average error rate of timing watermark recognition reaches 43.51%, which demonstrates the effectiveness of the method.
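The normalization rule described above, as an added sketch that is not the authors' implementation: packets that arrive before their slot are held back, and an empty slot is filled with a chaff packet. The function names, the millisecond integer timestamps, the moving-average window of 4 and the two sample flows are assumptions constructed for illustration.

```python
from collections import deque

def moving_average_interval(arrivals_ms, window=4):
    """Fixed interval chosen as the mean of the last `window` observed gaps.
    Window size and integer rounding are assumptions of this sketch."""
    gaps = [b - a for a, b in zip(arrivals_ms, arrivals_ms[1:])]
    recent = gaps[-window:]
    return sum(recent) // len(recent)

def normalize(arrivals_ms, interval_ms):
    """Re-time a flow so consecutive departures are exactly interval_ms apart.
    Returns (send_time_ms, kind) pairs, kind being 'data' or 'chaff'."""
    queue = deque(sorted(arrivals_ms))
    slot = queue[0]                      # first departure = first arrival
    schedule = []
    while queue:
        if queue[0] <= slot:
            # Packet is already waiting: its gap is prolonged up to the slot.
            queue.popleft()
            schedule.append((slot, "data"))
        else:
            # Gap longer than the fixed value: fill the slot with chaff.
            schedule.append((slot, "chaff"))
        slot += interval_ms
    return schedule

def send_times(schedule):
    """What an on-path observer sees if chaff looks like data on the wire."""
    return [t for t, _ in schedule]

# Constructed sample flows (ms). MARKED is CLEAN with three packets delayed
# by 20 ms, standing in for an embedded timing watermark.
CLEAN = [0, 40, 95, 130, 310, 345, 400]
MARKED = [0, 60, 95, 150, 310, 365, 400]

if __name__ == "__main__":
    for name, flow in (("clean", CLEAN), ("marked", MARKED)):
        sched = normalize(flow, 50)
        print(name, send_times(sched), [kind for _, kind in sched])
```

The sketch assumes chaff is indistinguishable from data to the observer. If packets arrive faster than one per interval for long, the queue and the added latency grow, so the choice of the fixed value trades delay against chaff overhead.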