A Method for Quickly and Automatically Identifying Encrypted Network Behavior

An automatic identification and network technology, applied in the field of network security, can solve problems such as high computational overhead, inability to meet online real-time identification, and difficulty in matching encryption application patterns, and achieve the effect of increasing the workload of research and development.

Active Publication Date: 2018-10-16
BEIJING ESAFENET SCI & TECH
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Among them, the principle and implementation of identification based on port numbers are relatively simple, but it is easily affected by dynamic ports and forged ports of encrypted traffic; identification based on payload information is difficult for encrypted application pattern matching, and is easily affected by version upgrades; based on machine learning The recognition accuracy of recognition and flow-based statistical feature recognition is acceptable, but the computational overhead is high and the implementation complexity is high, which cannot meet the requirements of online real-time recognition

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Method for Quickly and Automatically Identifying Encrypted Network Behavior
  • A Method for Quickly and Automatically Identifying Encrypted Network Behavior
  • A Method for Quickly and Automatically Identifying Encrypted Network Behavior

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] Aiming at the problem that it is difficult to identify massive encrypted network behaviors, the present invention proposes a method for quickly and automatically identifying encrypted network behaviors. This method first builds a specific encrypted network behavior model library, then collects network interaction data in real time, and calculates the correlation coefficient between the real-time collected network interaction data and the model library, and performs automatic classification and identification based on the calculated correlation coefficient combined with the preset threshold.

[0028] The present invention will be specifically introduced below in conjunction with the accompanying drawings and specific embodiments.

[0029] In this embodiment, the Android version of Twitter is used as the research object.

[0030] Twitter posting involves text messages and uploading pictures. When sending text messages, the domain name can be obtained from the interaction ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method capable of rapidly automatically identifying encrypted network behaviors, aiming at solving the problem of difficulty in identification of massive encrypted network behaviors. The method includes: constructing a specific encrypted network behavior model library, acquiring network interaction data in real time, computing correlation coefficients of the network interaction data acquired in real time and the model library, and conducting automatic classification and identification by means of combining the computed correlation coefficients with a preset threshold value. The method has the advantages that the method is capable of making online judgment on encrypted traffic of encrypted data timely, rapidly and efficiently, so that the problem that research and development workload is increased due to frequent upgrading of an encryption protocol is solved effectively.

Description

technical field [0001] The invention relates to a method for identifying encrypted network behavior, in particular to a method for quickly and automatically identifying encrypted network behavior, and belongs to the technical field of network security. Background technique [0002] The emergence of the Internet has greatly changed people's communication methods and brought about earth-shaking changes in people's lives. Different users use various applications in the network, and hundreds of millions of application flows are generated every day. These seemingly normal Various malicious attacks may be hidden in the traffic. Therefore, classifying and identifying network traffic is of great significance to standardize network applications, purify the network environment, and protect the privacy and security of network users. This is also a hot issue in the field of network security, especially how to quickly and accurately identify encrypted network behaviors. is the top prior...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/14
Inventor 朱贺军
Owner BEIJING ESAFENET SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap