摘要
随着人们网络安全意识的提高,加密流量呈爆炸式增长,流量加密在保护用户隐私的同时,也为安全检测带来了新的挑战。针对传统基于机器学习的流量识别方法存在需要手动设计分类特征、分类准确率不高等问题,提出一种基于卷积神经网络与自注意力机制(Convolutional Neural Network and Self Attention,CSA)的加密流量分类方法,依据网络流量的层次结构特性,采用卷积神经网络提取数据包内字节流的空间特征、自注意力机制提取数据包之间的时序特征。在公开数据集ISCX VPN-NonVPN上的实验结果表明,CSA模型的分类准确率达到了95.0%,相较基准深度模型,准确率和F1值皆有明显的提升。
With the increasing public awareness of cyber-security,the use of encrypted traffic has exploded.Despite its excellent protection for peoples privacy,encryption traffic technologies have encountered new challenges in security detection.Existing traffic identification methods based on traditional machine learning usually require manually specified classification features and struggle with classification accuracy.In this paper,first,we analyze the hierarchical structure of network traffic.Second,we employ a convolutional neural network to extract spatial features of byte stream inside packets,and a self-attention mechanism to extract timing characteristics between packets.To this end,we propose a method for encrypted traffic classification called convolutional neural network and self-attention(CSA),which could improve classification accuracy up to 95.0%.Empirical results on the standard public data set ISCX VPN-NonVPN demonstrate that the proposed method can boost the accuracy and F1 value significantly.
作者
袁子豪
张洁
YUAN Zihao;ZHANG Jie(School of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210023,China)
出处
《南京邮电大学学报(自然科学版)》
北大核心
2024年第2期111-118,共8页
Journal of Nanjing University of Posts and Telecommunications:Natural Science Edition
基金
国家重点研发计划(2018YFB1500902)
横向项目(2022外342)资助项目。
关键词
加密流量识别
注意力机制
卷积神经网络
深度学习
encrypted traffic identification
attention mechanism
convolutional neural networks
deep learning
