基于数据流多维特征的移动流量识别方法研究

Research on mobile traffic identification based on multidimensional characteristics of data flow

随着移动互联网的快速发展,移动设备的数量激增至历史新高.从大量混杂流量中识别出移动流量并对流量进行分析,是深入研究移动互联网特性的第一步,同时可以为移动网络测量与管理、移动安全和隐私保护提供有价值的信息.本文综合整理了网络流量识别的常见方法,提出了基于数据流多维统计特征的移动流量识别方法.该方法从硬件特征、操作系统指纹和用户使用习惯三个方面提取了数据流中具有代表性的特征并对特征进行分析,使用集成学习的方法生成识别模型.移动流量的识别准确率和主流的5种操作系统流量分类的准确率都达到了99%以上.本文方法比UAFs方法准确率提高了8%左右.本方法提取的特征具有多维性并且具有实际意义,整合了网络层和传输层的数据流特征,相较于使用深度数据包检测的方法,基于数据流多维特征的方法同样适用于加密流量的分类.

With the rapid development of mobile Internet,the number of mobile devices has surged to a record high.Recognizing and analyzing mobile traffic from a large number of mixed traffic is the first step to study the characteristics of mobile Internet.It can also provide valuable information for mobile network measurement and management,mobile security and privacy protection.This paper summarizes the common methods of network traffic identification,and proposes a mobile traffic identification method based on multidimensional statistical characteristics of data flow.This method extracts the representative features of data stream from three aspects:hardware features,operating system fingerprints and user usage habits,and analyses the features.An ensemble learning method is used to generate the recognition model.The accuracy of mobile traffic identification and five mainstream operation classification results are more than 99%.Compared with the UAFs method mentioned in this paper,the accuracy is improved by about 8%.The features extracted by this method are multidimensional and have practical significance.The features integrate the data flow characteristics network layer and transport layer.Compared with the method using deep packet inspection detection,this method is suitable for the classification of encrypted traffic.