CN113037730A - 基于多特征学习的网络加密流量分类方法及系统 - Google Patents
基于多特征学习的网络加密流量分类方法及系统 Download PDFInfo
- Publication number
- CN113037730A CN113037730A CN202110221394.3A CN202110221394A CN113037730A CN 113037730 A CN113037730 A CN 113037730A CN 202110221394 A CN202110221394 A CN 202110221394A CN 113037730 A CN113037730 A CN 113037730A
- Authority
- CN
- China
- Prior art keywords
- traffic
- vector
- feature
- data packet
- model
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 56
- 239000013598 vector Substances 0.000 claims abstract description 89
- 238000013527 convolutional neural network Methods 0.000 claims abstract description 30
- 239000000284 extract Substances 0.000 claims abstract description 16
- 238000007781 pre-processing Methods 0.000 claims abstract description 15
- 238000013136 deep learning model Methods 0.000 claims abstract description 13
- 238000013528 artificial neural network Methods 0.000 claims abstract description 12
- 230000006870 function Effects 0.000 claims description 12
- 239000011159 matrix material Substances 0.000 claims description 10
- 238000004364 calculation method Methods 0.000 claims description 5
- 230000002457 bidirectional effect Effects 0.000 claims description 4
- 238000004140 cleaning Methods 0.000 claims description 3
- 238000010606 normalization Methods 0.000 claims description 3
- 230000011218 segmentation Effects 0.000 claims description 3
- 238000012545 processing Methods 0.000 claims description 2
- 238000011176 pooling Methods 0.000 description 10
- 238000000605 extraction Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 6
- 238000010801 machine learning Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 6
- 238000013135 deep learning Methods 0.000 description 5
- 210000004027 cell Anatomy 0.000 description 4
- 230000002123 temporal effect Effects 0.000 description 4
- 238000013461 design Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000018109 developmental process Effects 0.000 description 2
- 230000000717 retained effect Effects 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 230000004913 activation Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000003066 decision tree Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 210000002569 neuron Anatomy 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/048—Activation functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/049—Temporal neural networks, e.g. delay elements, oscillating neurons or pulsed inputs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2441—Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Computational Linguistics (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Biomedical Technology (AREA)
- Molecular Biology (AREA)
- Artificial Intelligence (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biophysics (AREA)
- Mathematical Physics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110221394.3A CN113037730B (zh) | 2021-02-27 | 2021-02-27 | 基于多特征学习的网络加密流量分类方法及系统 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110221394.3A CN113037730B (zh) | 2021-02-27 | 2021-02-27 | 基于多特征学习的网络加密流量分类方法及系统 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113037730A true CN113037730A (zh) | 2021-06-25 |
CN113037730B CN113037730B (zh) | 2023-06-20 |
Family
ID=76464659
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110221394.3A Active CN113037730B (zh) | 2021-02-27 | 2021-02-27 | 基于多特征学习的网络加密流量分类方法及系统 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113037730B (zh) |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113452810A (zh) * | 2021-07-08 | 2021-09-28 | 恒安嘉新(北京)科技股份公司 | 一种流量分类方法、装置、设备和介质 |
CN113556328A (zh) * | 2021-06-30 | 2021-10-26 | 杭州电子科技大学 | 基于深度学习的加密流量分类方法 |
CN113627502A (zh) * | 2021-07-30 | 2021-11-09 | 中国人民解放军战略支援部队信息工程大学 | 一种网络加密流量分类方法 |
CN113783795A (zh) * | 2021-07-19 | 2021-12-10 | 北京邮电大学 | 加密流量分类方法及相关设备 |
CN113794687A (zh) * | 2021-08-17 | 2021-12-14 | 北京天融信网络安全技术有限公司 | 基于深度学习的恶意加密流量检测方法及装置 |
CN114205151A (zh) * | 2021-12-12 | 2022-03-18 | 南京理工大学 | 基于多特征融合学习的http/2页面访问流量识别方法 |
CN114301636A (zh) * | 2021-12-10 | 2022-04-08 | 南京理工大学 | 基于流量多尺度时空特征融合的vpn通信行为分析方法 |
CN114615093A (zh) * | 2022-05-11 | 2022-06-10 | 南京信息工程大学 | 基于流量重构与继承学习的匿名网络流量识别方法及装置 |
CN114693669A (zh) * | 2022-04-20 | 2022-07-01 | 中电建路桥集团有限公司 | 基于深度学习的自密实混凝土早期裂缝预测方法及装置 |
CN114818867A (zh) * | 2022-03-29 | 2022-07-29 | 中国电子科技集团公司第五十四研究所 | 一种基于注意力机制的网络流量分类方法 |
CN114884896A (zh) * | 2022-05-07 | 2022-08-09 | 大连理工大学 | 一种基于特征扩展和自动机器学习的移动应用流量感知方法 |
CN115314265A (zh) * | 2022-07-27 | 2022-11-08 | 天津市国瑞数码安全系统股份有限公司 | 基于流量和时序识别tls加密应用的方法和系统 |
CN115563610A (zh) * | 2022-12-05 | 2023-01-03 | 江苏新希望科技有限公司 | 入侵检测模型的训练方法、识别方法和装置 |
CN116055092A (zh) * | 2022-11-15 | 2023-05-02 | 国网思极网安科技(北京)有限公司 | 一种隐蔽隧道攻击行为检测方法和装置 |
CN114401229B (zh) * | 2021-12-31 | 2023-09-19 | 北京理工大学 | 一种基于Transformer深度学习模型的加密流量识别方法 |
WO2024180543A1 (en) * | 2023-02-27 | 2024-09-06 | Ariel Scientific Innovations Ltd. | System and method of classifying network traffic |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018086513A1 (zh) * | 2016-11-08 | 2018-05-17 | 杭州海康威视数字技术股份有限公司 | 一种目标检测方法及装置 |
CN110110707A (zh) * | 2019-05-24 | 2019-08-09 | 苏州闪驰数控系统集成有限公司 | 人工智能cnn、lstm神经网络动态识别系统 |
CN112054967A (zh) * | 2020-08-07 | 2020-12-08 | 北京邮电大学 | 网络流量分类方法、装置、电子设备及存储介质 |
CN112163594A (zh) * | 2020-08-28 | 2021-01-01 | 南京邮电大学 | 一种网络加密流量识别方法及装置 |
CN112235257A (zh) * | 2020-09-24 | 2021-01-15 | 中国人民解放军战略支援部队信息工程大学 | 融合式加密恶意流量检测方法及系统 |
-
2021
- 2021-02-27 CN CN202110221394.3A patent/CN113037730B/zh active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018086513A1 (zh) * | 2016-11-08 | 2018-05-17 | 杭州海康威视数字技术股份有限公司 | 一种目标检测方法及装置 |
CN110110707A (zh) * | 2019-05-24 | 2019-08-09 | 苏州闪驰数控系统集成有限公司 | 人工智能cnn、lstm神经网络动态识别系统 |
CN112054967A (zh) * | 2020-08-07 | 2020-12-08 | 北京邮电大学 | 网络流量分类方法、装置、电子设备及存储介质 |
CN112163594A (zh) * | 2020-08-28 | 2021-01-01 | 南京邮电大学 | 一种网络加密流量识别方法及装置 |
CN112235257A (zh) * | 2020-09-24 | 2021-01-15 | 中国人民解放军战略支援部队信息工程大学 | 融合式加密恶意流量检测方法及系统 |
Non-Patent Citations (3)
Title |
---|
YONG ZHANG等: "Network Intrusion Detection:Based on Hierarchical Network and Original Flow Deep Data", 《IEEE ACCESS》, 3 April 2019 (2019-04-03), pages 37004 - 37016 * |
吴迪等: "BotCatcher:基于深度学习的僵尸网络检测系统", 《通信学报》, no. 08, 25 August 2018 (2018-08-25), pages 20 - 26 * |
周衍挺;: "基于改进的多通道卷积神经网络模型的图像分类方法", 佳木斯大学学报(自然科学版), no. 06 * |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113556328A (zh) * | 2021-06-30 | 2021-10-26 | 杭州电子科技大学 | 基于深度学习的加密流量分类方法 |
CN113452810A (zh) * | 2021-07-08 | 2021-09-28 | 恒安嘉新(北京)科技股份公司 | 一种流量分类方法、装置、设备和介质 |
CN113783795A (zh) * | 2021-07-19 | 2021-12-10 | 北京邮电大学 | 加密流量分类方法及相关设备 |
CN113783795B (zh) * | 2021-07-19 | 2023-07-25 | 北京邮电大学 | 加密流量分类方法及相关设备 |
CN113627502A (zh) * | 2021-07-30 | 2021-11-09 | 中国人民解放军战略支援部队信息工程大学 | 一种网络加密流量分类方法 |
CN113794687A (zh) * | 2021-08-17 | 2021-12-14 | 北京天融信网络安全技术有限公司 | 基于深度学习的恶意加密流量检测方法及装置 |
CN114301636A (zh) * | 2021-12-10 | 2022-04-08 | 南京理工大学 | 基于流量多尺度时空特征融合的vpn通信行为分析方法 |
CN114205151A (zh) * | 2021-12-12 | 2022-03-18 | 南京理工大学 | 基于多特征融合学习的http/2页面访问流量识别方法 |
CN114401229B (zh) * | 2021-12-31 | 2023-09-19 | 北京理工大学 | 一种基于Transformer深度学习模型的加密流量识别方法 |
CN114818867A (zh) * | 2022-03-29 | 2022-07-29 | 中国电子科技集团公司第五十四研究所 | 一种基于注意力机制的网络流量分类方法 |
CN114693669A (zh) * | 2022-04-20 | 2022-07-01 | 中电建路桥集团有限公司 | 基于深度学习的自密实混凝土早期裂缝预测方法及装置 |
CN114884896A (zh) * | 2022-05-07 | 2022-08-09 | 大连理工大学 | 一种基于特征扩展和自动机器学习的移动应用流量感知方法 |
CN114884896B (zh) * | 2022-05-07 | 2023-10-03 | 大连理工大学 | 一种基于特征扩展和自动机器学习的移动应用流量感知方法 |
CN114615093B (zh) * | 2022-05-11 | 2022-07-26 | 南京信息工程大学 | 基于流量重构与继承学习的匿名网络流量识别方法及装置 |
CN114615093A (zh) * | 2022-05-11 | 2022-06-10 | 南京信息工程大学 | 基于流量重构与继承学习的匿名网络流量识别方法及装置 |
CN115314265A (zh) * | 2022-07-27 | 2022-11-08 | 天津市国瑞数码安全系统股份有限公司 | 基于流量和时序识别tls加密应用的方法和系统 |
CN115314265B (zh) * | 2022-07-27 | 2023-07-18 | 天津市国瑞数码安全系统股份有限公司 | 基于流量和时序识别tls加密应用的方法和系统 |
CN116055092A (zh) * | 2022-11-15 | 2023-05-02 | 国网思极网安科技(北京)有限公司 | 一种隐蔽隧道攻击行为检测方法和装置 |
CN115563610A (zh) * | 2022-12-05 | 2023-01-03 | 江苏新希望科技有限公司 | 入侵检测模型的训练方法、识别方法和装置 |
WO2024180543A1 (en) * | 2023-02-27 | 2024-09-06 | Ariel Scientific Innovations Ltd. | System and method of classifying network traffic |
Also Published As
Publication number | Publication date |
---|---|
CN113037730B (zh) | 2023-06-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113037730B (zh) | 基于多特征学习的网络加密流量分类方法及系统 | |
CN113162908B (zh) | 一种基于深度学习的加密流量检测方法及系统 | |
CN112163594B (zh) | 一种网络加密流量识别方法及装置 | |
CN112953924B (zh) | 网络异常流量检测方法、系统、存储介质、终端及应用 | |
Marín et al. | Rawpower: Deep learning based anomaly detection from raw network traffic measurements | |
CN109831392B (zh) | 半监督网络流量分类方法 | |
Yang et al. | TLS/SSL encrypted traffic classification with autoencoder and convolutional neural network | |
CN110417729B (zh) | 一种加密流量的服务与应用分类方法及系统 | |
CN110751222A (zh) | 基于cnn和lstm的在线加密流量分类方法 | |
CN111064678A (zh) | 基于轻量级卷积神经网络的网络流量分类方法 | |
CN112804253B (zh) | 一种网络流量分类检测方法、系统及存储介质 | |
CN113364787A (zh) | 一种基于并联神经网络的僵尸网络流量检测方法 | |
CN112491894A (zh) | 一种基于时空特征学习的物联网网络攻击流量监测系统 | |
CN113472751B (zh) | 一种基于数据包头的加密流量识别方法及装置 | |
Wang et al. | Using CNN-based representation learning method for malicious traffic identification | |
Rong et al. | TransNet: Unseen malware variants detection using deep transfer learning | |
Wang et al. | An unknown protocol syntax analysis method based on convolutional neural network | |
CN117056797A (zh) | 基于非平衡数据的加密流量分类方法、设备及介质 | |
CN115134176B (zh) | 一种基于不完全监督的暗网加密流量分类方法 | |
Kumar et al. | Deep Learning Based Optimal Traffic Classification Model for Modern Wireless Networks | |
CN114362988B (zh) | 网络流量的识别方法及装置 | |
CN108494620A (zh) | 基于多目标自适应演化算法的网络业务流特征选择与分类方法 | |
Zhai et al. | ODTC: An online darknet traffic classification model based on multimodal self-attention chaotic mapping features. | |
CN115334005B (zh) | 基于剪枝卷积神经网络和机器学习的加密流量识别方法 | |
CN115378701B (zh) | 基于深度学习模型的加密流量识别分类的方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address |
Address after: 450000 Science Avenue 62, Zhengzhou High-tech Zone, Henan Province Patentee after: Information Engineering University of the Chinese People's Liberation Army Cyberspace Force Country or region after: China Patentee after: Purple Mountain Laboratories Address before: No. 62 Science Avenue, High tech Zone, Zhengzhou City, Henan Province Patentee before: Information Engineering University of Strategic Support Force,PLA Country or region before: China Patentee before: Purple Mountain Laboratories |
|
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address |
Address after: No. 62 Science Avenue, High tech Zone, Zhengzhou City, Henan Province Patentee after: Information Engineering University of Strategic Support Force,PLA Country or region after: China Patentee after: Zijinshan Laboratory Address before: No. 62 Science Avenue, High tech Zone, Zhengzhou City, Henan Province Patentee before: Information Engineering University of Strategic Support Force,PLA Country or region before: China Patentee before: Purple Mountain Laboratories |