期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于混合方法的IPSec VPN加密流量识别 被引量:9

IPSec VPN Encrypted Traffic Identification Based on Hybrid Method
下载PDF
导出
摘要 文中提出了一种混合方法,将指纹识别与机器学习方法相结合,实现了IPSec VPN加密流量的识别。该方法首先基于负载特征从网络流量中筛选出IPSec VPN流量;接着,基于时间相关的流特征,利用随机森林算法建立了IPSec VPN流量分类模型,通过参数优化以及特征选择,整体流量识别的准确率达到了93%。实验结果验证了通过流特征提取的机器学习方法识别IPSec VPN流量的可行性;同时表明了该方法能够有效均衡识别精度与识别速度,达到了高效识别IPSec VPN加密流量的效果。 This paper proposes a hybrid method,which combines fingerprint identification with machine learning method to rea-lize the identification of IPSec VPN encrypted traffic.Firstly,the method selects the IPSec VPN traffic from the network traffic based on the load characteristics.Secondly,based on the time-related flow features,it uses the random forest algorithm to establish the IPSec VPN traffic classification model.Through parameter optimization and feature selection,the overall traffic identification accuracy reaches 93%.The experimental results verify the feasibility of identifying IPSec VPN traffic by machine learning method based on time-related flow features.At the same time,the experimental results show that the proposed method can effectively balance the recognition accuracy and recognition speed,and achieve the effect of efficient identification of IPSec VPN encrypted traffic.
作者 周益旻 刘方正 王勇 ZHOU Yi-min;LIU Fang-zheng;WANG Yong(College of Electromagnetic Countermeasure,National University of Defense Technology,Hefei 230037,China;Anhui Key Laboratory of Cyberspace Security Situation Awareness and Evaluation,Hefei 230037,China)
机构地区 国防科技大学电子对抗学院 安徽省网络空间安全态势感知与评估重点实验室
出处 《计算机科学》 CSCD 北大核心 2021年第4期295-302,共8页 Computer Science
基金 国家自然科学基金(6167454)。
关键词 IPSec VPN 加密流量识别 随机森林 时间相关流特征 参数优化 IPSec VPN Encrypted traffic identification Random forest Time-related flow features Parameter optimization
分类号 TP393.8 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献7

二级参考文献113

  • 1[1]Kent, S., and R. Atkinson, "IP Authentication Header", RFC2402, November1998.
  • 2[2]Kent,S. ,and R.Atkinson,"IP Encapsulating Security Payload", RFC2406,November 1998.
  • 3[5]Doraswamy Naganand, Harkins Dan. IPSec: The new security standard for the Intemet intranets,and Virtual Private Network.Prentice Hall Press.2000.
  • 4邱一卉,林成德.基于随机森林方法的异常样本检测方法[J].福建工程学院学报,2007,5(4):392-396. 被引量:7
  • 5Moon Y H, Nah J H. An Efficient Flow Scheme for Identification Various Applications in IP-based Networks[J]. International Journal of Computer Science and Networks, 2008, 12(8): 168-175.
  • 6Corte M, Dusi M, Gringoli F. Traffic Classification Through Simple Statistical Fingerprinting[J]. ACM SIGCOMM Computer Communication Review, 2007, 37(1): 5-16.
  • 7Gebski M, Penew A, Wong R K. Protocol Identification of Encrypted Network Traffic[C] //Proc. of the 2006 IEEE/WIC/ACM International Conf. on Web Intelligence. [S. 1.] : IEEE Press, 2006: 957-960.
  • 8Chen Shuo, Wang Rui, Wang Xiaofeng. Side-channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow[C] // Proc. of 2010 IEEE Symp. on Security and Privacy. [S. 1.] : IEEE Press, 2010: 191-206.
  • 9Herrmann D, Wendolsky R, Federrath H. Website Fingerprinting: Attack Popular Privacy Enhancing Technologies With Multi- nomial Na?ve-bayes Classifier[C] //Proc. of ACM Conf. on Cloud Computing Security. [S. 1.] : ACM Press, 2009: 31-42.
  • 10Bernaille L, Teixeira R, Salamatian K. Early Application Identific- ation[C] //Proc. of CoNEXT’06. New York, USA: [s. n.] , 2006: 1-12.

共引文献190

同被引文献55

引证文献9

二级引证文献10

计算机科学
2021年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部