Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Semi-supervised clustering integrated protocol identification system

A semi-supervised clustering and protocol identification technology, applied in the transmission system, digital transmission system, electrical components, etc., can solve the problems of weak self-adaptive ability, large amount of calculation, single identification method, etc. Moderate, efficient effect

Inactive Publication Date: 2012-07-04
SHENZHEN Y& D ELECTRONICS CO LTD
View PDF2 Cites 50 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0023] 1. With the widespread adoption of technologies such as port hopping information hiding, the recognition rate of the port identification method is extremely low
[0024] 2. The recognition method based on the application feature word has a large amount of calculation and weak self-adaptive ability
Feature recognition can only be recognized for applications with known data formats, and due to the need for comprehensive inspection and analysis of the internal data of the group, the implementation efficiency is low
[0025] 3. There are too many streams generated in one session, which is easy to be misidentified
[0027] 5. The identification method is also relatively single, lacking the mechanism and idea of ​​fusion and integration
[0028] 6. The identification method is to identify from one dimension, lacking multi-dimensional thinking

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Semi-supervised clustering integrated protocol identification system
  • Semi-supervised clustering integrated protocol identification system
  • Semi-supervised clustering integrated protocol identification system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] According to an embodiment of a protocol recognition system based on semi-supervised clustering integration of the present invention, the overall structure diagram is as follows figure 1 shown. refer to figure 1 , the system is generally divided into three parts, namely the data collection part, the part 200 for identifying known protocols and the part 300 for identifying unknown protocols. For clarity, the two parts are separated by a dotted line: functionally, this The system may include a data acquisition device, a device for unpacking and analyzing feature codes, a feature code matching device, a device for clustering unrecognized protocols with several base clusterers; a device for performing semi-supervised learning and training on unknown protocols; And the device that successfully learns and recognizes the unknown protocol.

[0042] Such as figure 1 as shown in:

[0043] The data acquisition device adopts a modular design—that is, the data collector module o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a semi-supervised clustering integrated protocol identification method. The method comprises the following steps: various data packets in a network are acquired; received network data is analyzed, and each field of the data packets is extracted and counted; feature code of network data obtained after the network data is analyzed is matched with various feature codes preset in a data base, if the match is successful, the data packets are corresponding protocols; data not successfully matched is subject to cluster analysis, a plurality of base clustering devices are used to cluster the data packets, and the result is fed back, and a priori label value is modified; and a semi-supervised statistical learning is carried out for the result of the clustering of the network data packets and each known protocol, and a discriminant learner is trained. According to the invention, the terminal protocol identification rate is improved, and the amount of calculation is moderate, so that the efficiency is high; one time of dialog generate less flow, inaccurate identification is not easy; and besides, the method integrates a plurality of identification methods, so as to achieve multi-dimension identification. The invention also discloses a corresponding semi-supervised clustering integrated protocol identification system.

Description

technical field [0001] The invention relates to the fields of information communication and artificial intelligence, especially a system and method for identifying network protocols. Background technique [0002] Currently, there are mainly four methods for network protocol identification: port identification, feature identification, association identification, and behavioral feature identification. details as follows: [0003] Port identification: Ports can be divided into two types: TCP protocol port and UDP protocol port. The port-based protocol identification method is exactly the same as the method of identifying common applications. Check the transmission information of the message group. If the port number is consistent with some specific port numbers Matching, you can judge which type of protocol it belongs to. In the protocol specification, the communication port used by the protocol by default, such as port 80 for HTTP protocol, and port 21 for FTP protocol. In t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26
Inventor 王红军戚建淮
Owner SHENZHEN Y& D ELECTRONICS CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com