Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Encrypted traffic identification method and device based on characteristic self-learning

A traffic identification and self-learning technology, applied in the field of network security, can solve the problems of high labor cost, labor-consuming, data packet content cannot be accessed in plain text, etc., and achieve the effect of high-precision recognition rate

Active Publication Date: 2017-05-31
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF4 Cites 32 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] 1. It is impossible to identify traffic using dynamic ports and commonly used protocol ports. In order to avoid detection and supervision, some application software will use hidden or counterfeit port numbers, such as changing to dynamic ports or commonly used protocol ports, which reduces the accuracy of port-based identification methods.
[0005] 2. The above method identifies traffic by performing feature matching on the application layer data of the data packet, but the content of the data packet of encrypted traffic cannot be accessed in plain text, making it impossible to extract features, and thus cannot be effectively identified
[0006] 3. Reverse cracking technology requires manual analysis based on experience, which is relatively labor-intensive and cannot achieve large-scale processing
[0007] 4. The features used in the existing technology need to be manually extracted and selected in advance based on experience
With the increase of traffic complexity, the labor cost caused by manual extraction and selection of features is too high, especially when the scale of traffic data is large, there is also the problem that the selected features are not accurate enough due to subjectivity

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Encrypted traffic identification method and device based on characteristic self-learning
  • Encrypted traffic identification method and device based on characteristic self-learning
  • Encrypted traffic identification method and device based on characteristic self-learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to solve the problem of improving the identification rate of encrypted traffic in the prior art, the present invention provides a method and device for identifying encrypted traffic based on feature self-learning. The present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments . It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0027] An encrypted traffic identification method based on feature self-learning in an embodiment of the present invention includes:

[0028] Convert the obtained current network traffic data packets into normalized values ​​or normalized grayscale values;

[0029] Save the normalized value corresponding to the current network traffic data packet into a text file; or generate a grayscale image from the normalized grayscale value corresponding to the current network traffic...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an encrypted traffic identification method and device based on characteristic self-learning and is used for improving an identification rate of encrypted traffic in the prior art. The method comprises the steps of converting obtained current network traffic data packets into normalized numerical values or normalized gray values; storing the normalized numerical values corresponding to the current network traffic data packets in a text file; or generating a gray image according to the normalized gray values corresponding to the current network traffic data packets and storing the gray image in an image file; taking the text file or the image file as pre-trained test input of an encrypted traffic classifier; and identifying a traffic type of the current network traffic data packets through the encrypted traffic classifier.

Description

technical field [0001] The invention relates to the field of network security, in particular to a method and device for identifying encrypted traffic based on feature self-learning. Background technique [0002] With the continuous development and popularization of the network, it is required that the network supervisory agency can effectively identify, classify and control various network traffic, thereby greatly improving the effectiveness and security of network management. However, with the development of the network, the forms of traffic are ever-changing, which increases the complexity of traffic identification. Among them, encrypted traffic occupies a considerable proportion in the network, which brings new challenges to traffic identification. [0003] Drawbacks of existing traffic identification technologies include: [0004] 1. It is impossible to identify traffic using dynamic ports and commonly used protocol ports. In order to avoid detection and supervision, so...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/26
CPCH04L43/00H04L63/1408
Inventor 任艳萍
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com