摘要
要对网络数据包所采用的应用层协议进行识别,保证半导体生产环境的安全,使用传统的基于服务端口和特征字的识别方式都具有一定的局限性,无法达到所需的准确度。针对这种情况,提出一种基于HSMS(High Speed Message Services)头部信息和SECS2数据本身固定模式的识别模型,结合深度包检测、深度流检测、机器学习等技术对SECS2流量进行识别。实验结果表明,该模型能有效地识别SECS2数据包,误判率仅为0.598 8%,相比传统识别方式,误判率降低了29.469 6%。
In order to identify the application layer protocol used in the network packet,to ensure the security of the semiconductor production environment,the traditional recognition methods based on server port and feature words have certain limitations and cannot achieve the required accuracy.In view of this situation,a recognition model based on HSMS header information and the fixed pattern of SECS2 data is proposed,which combined deep packet inspection,deep flow inspection,and machine learning to identify the SECS2 traffic.Experimental results show that this model can effectively identify SECS2 packets,and the misjudgment rate is only 0.5988%,which is 29.4696%lower than the traditional identification method.
作者
唐璇
严明
万仕贤
Tang Xuan;Yan Ming;Wan Shixian(School of Computer Science,Fudan University,Shanghai 200000,China)
出处
《计算机应用与软件》
北大核心
2024年第9期127-135,共9页
Computer Applications and Software
基金
2019年工业互联网创新发展工程项目。
