摘要
现有的加密流量检测技术缺少对数据和模型的隐私性保护,不仅违反了隐私保护法律法规,而且会导致严重的敏感信息泄露。主要研究了基于梯度提升决策树(GBDT)算法的加密流量检测模型,结合差分隐私技术,设计并实现了一个隐私保护的加密流量检测系统。在CICIDS2017数据集下检测了DDoS攻击和端口扫描的恶意流量,并对系统性能进行测试。实验结果表明,当隐私预算ε取值为1时,两个数据集下流量识别准确率分别为91.7%和92.4%,并且模型的训练效率、预测效率较高,训练时间为5.16 s和5.59 s,仅是GBDT算法的2~3倍,预测时间与GBDT算法的预测时间相近,达到了系统安全性和可用性的平衡。
Existing encrypted traffic detection technologies lack privacy protection for data and models,which will violate the privacy preserving regulations and increase the security risk of privacy leakage.A privacy-preserving encrypted traffic detection system was proposed.It promoted the privacy of the encrypted traffic detection model by combining the gradient boosting decision tree(GBDT)algorithm with differential privacy.The privacy-protected encrypted traffic detection system was designed and implemented.The performance and the efficiency of proposed system using the CICIDS2017 dataset were evaluated,which contained the malicious traffic of the DDoS attack and the port scan.The results show that when the privacy budget value is set to 1,the system accuracy rates are 91.7%and 92.4%respectively.The training and the prediction of our model is efficient.The training time of proposed model is 5.16 s and 5.59 s,that is only 2-3 times of GBDT algorithm.The prediction time is close to the GBDT algorithm.
作者
张心语
张秉晟
孟泉润
任奎
ZHANG Xinyu;ZHANG Bingsheng;MENG Quanrun;REN Kui(School of Cyber Science and Technology,Zhejiang University,Hangzhou 310000,China)
出处
《网络与信息安全学报》
2021年第4期101-113,共13页
Chinese Journal of Network and Information Security
基金
国家自然科学基金(62032021,61772236)
浙江省重点研发计划(2019C03133)
阿里巴巴−浙江大学前沿技术联合研究所,浙江大学网络空间治理研究所,创新创业团队浙江省引进计划(2018R01005)
移动互联网系统与应用安全国家工程实验室2020开放课题。
关键词
隐私保护
加密流量检测
梯度提升决策树
差分隐私
privacy-preserving
encrypted traffic detection
gradient boosting decision tree
differential privacy
