Method for extracting unknown protocol features

An extraction method and protocol feature technology, applied in the field of unknown protocol feature extraction. It addresses the problem that existing measures cannot monitor and detect secret-stealing channels and models, and achieves the effect of reducing the number and efficient identification.

Active Publication Date: 2015-07-22
UNIV OF ELECTRONICS SCI & TECH OF CHINA

AI Technical Summary

Problems solved by technology

[0002] As networks grow increasingly complex, ensuring the security of the information network has become the core content of the national informatization strategy. In a specific network environment, the threat of stealing secrets through special means is becoming more and more severe, and such secret-stealing channels usually operate through wireless communication. In addition, the protocols used in this kind of communication are all unconventional, dedicated, unknown protocols, while the existing preventive measures are basically only for known protocols, most of them based on port mapping or static feature matching, and cannot monitor and detect such secret-stealing channels and models.

Examples


Embodiment Construction

[0035] The technical solution of the present invention will be further described in detail below in conjunction with the accompanying drawings, but the protection scope of the present invention is not limited to the following description.

[0036] As shown in Figure 1, a method for extracting unknown protocol features includes the following steps:

[0037] S1. Randomly divide the data frames of each protocol in the data set into two parts, segment each part by byte, and count the number of occurrences and the frequency of each byte to obtain the frequent bytes;

[0038] S2. Use the Jaccard parameter to screen the frequent bytes, and select the frequent bytes corresponding to each protocol;

[0039] S3. Splice the consecutive frequent bytes corresponding to a protocol to obtain the characteristic long string, that is, the frequent string, and filter out the characteristic long string whose number of bytes is greater than 50% of the total number of bytes in the...
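An added example (not code from the patent or its authors) sketching steps S1 to S3 on constructed frames. It assumes a byte is identified by its (offset, value) pair, that "frequent" means present in at least `min_freq` of the frames of both random halves, and that the Jaccard screen compares the frames containing a byte with the frames of the protocol; the thresholds and all function names are hypothetical, and the S3 length filter is omitted because the page truncates it.

```python
import random
from collections import Counter

def frequent_tokens(frames, min_freq):
    """S1, one half: (offset, byte) tokens seen in >= min_freq of the frames."""
    counts = Counter((i, b) for f in frames for i, b in enumerate(f))
    return {t for t, c in counts.items() if c / len(frames) >= min_freq}

def has(frame, tok):
    off, val = tok
    return off < len(frame) and frame[off] == val

def jaccard(tok, own, all_frames):
    """S2: |frames with tok AND of protocol| / |frames with tok OR of protocol|."""
    with_tok = sum(has(f, tok) for f in all_frames)
    both = sum(has(f, tok) for f in own)
    return both / (with_tok + len(own) - both)

def splice(tokens):
    """S3: join tokens at consecutive offsets into (start_offset, bytes) strings."""
    runs = []
    for off, val in sorted(tokens):
        if runs and runs[-1][0] + len(runs[-1][1]) == off:
            runs[-1] = (runs[-1][0], runs[-1][1] + bytes([val]))
        else:
            runs.append((off, bytes([val])))
    return runs

def extract(dataset, min_freq=0.9, min_jaccard=0.8, seed=0):
    # Assumed thresholds; min_freq > 0.5 guarantees one value per offset.
    rng = random.Random(seed)
    all_frames = [f for frames in dataset.values() for f in frames]
    out = {}
    for proto, frames in dataset.items():
        shuffled = frames[:]
        rng.shuffle(shuffled)
        part_a, part_b = shuffled[::2], shuffled[1::2]  # random split in two
        freq = frequent_tokens(part_a, min_freq) & frequent_tokens(part_b, min_freq)
        kept = {t for t in freq if jaccard(t, frames, all_frames) >= min_jaccard}
        out[proto] = splice(kept)
    return out

# Constructed sample: two made-up protocols that share a 0x00 trailer byte.
SAMPLE = {
    "protoA": [b"\xaa\x55\x01" + bytes([i, i ^ 0x5A]) + b"\x00" for i in range(8)],
    "protoB": [b"\x7e\x10" + bytes([i * 3, 255 - i]) + b"\x7e\x00" for i in range(8)],
}
```

The shared trailer is frequent in both protocols but scores a Jaccard value of 0.5 against each, so the screen drops it and only the protocol-specific strings remain.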


Abstract

The invention discloses a method for extracting unknown protocol features. The method includes: the data frames of each kind of protocol are divided into two parts, each part is segmented by byte, and the number of occurrences and the frequency of each byte are counted to obtain frequent bytes; the frequent bytes are screened to obtain the frequent bytes corresponding to each kind of protocol; the consecutively occurring frequent bytes corresponding to each kind of protocol are spliced to obtain feature long strings, namely frequent strings, and the frequent strings are screened to obtain the feature candidate set of each kind of protocol; the data frames of each kind of protocol are represented as vectors according to the corresponding feature candidate set; a correlation-based feature selection (CFS) algorithm is used to perform feature selection on each feature candidate set, and the selected features are recorded; a KNN algorithm is used to classify the features, and the classification accuracy rate and recognition rate are counted. With this method for extracting unknown protocol features, decision makers can effectively recognize unknown protocols.

Description

Technical field

[0001] The invention relates to a method for extracting unknown protocol features.

Background technique

[0002] As networks grow increasingly complex, ensuring the security of the information network has become the core content of the national informatization strategy. In a specific network environment, the threat of stealing secrets through special means is becoming more and more serious, and such secret-stealing channels usually operate through wireless communication. In addition, the protocols used in such communication are all unconventional, dedicated, unknown protocols, while the existing preventive measures are basically only for known protocols, most of them based on port mapping or static feature matching, which cannot monitor and detect such secret-stealing channels and models.

[0003] In order to ensure the safe operation of the network and the early warning of attacks and harmful behaviors, decision makers urgently need to a...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/26
CPC: H04L43/18, H04L69/02
Inventor: 张凤荔, 周洪川, 张春瑞, 王勇, 张俊娇
Owner: UNIV OF ELECTRONICS SCI & TECH OF CHINA