Machine-learning-based flow identification technology

A traffic identification technology based on machine learning, applicable to character and pattern recognition, instruments, computer components, etc. It addresses the problems that encrypted traffic cannot be identified, that features cannot be matched, and that features cannot be extracted.

Active Publication Date: 2018-11-16
SICHUAN UNIV

AI Technical Summary

Problems solved by technology

[0007] "A Malicious Encrypted Traffic Identification Technology Based on Machine Learning" is an invention proposed to solve the problem of identifying malicious traffic without decrypting encrypted traffic. The problem that feature matching cannot i...

Embodiment Construction

[0017] The present invention is mainly used to identify malicious encrypted traffic. The sources of malicious traffic it identifies include malicious attack software, scanning software, phishing websites, Trojan viruses, malicious mining machines, etc. Because the data used in modeling are the statistical characteristics of traffic, the model learns the statistical patterns of malicious encrypted traffic from the data samples, so it can identify not only known malicious encrypted traffic but also unknown new malicious traffic.

[0018] The technical framework of the invention will be described below in conjunction with the accompanying drawings.

[0019] Figure 1: Technical process framework of the invention

[0020] Figure 1 is a technical framework diagram of the present invention, which adopts a layered model framework. Each layer has a different function, and the input of each layer is derived from the output of the previous layer. The in...


Abstract

The invention relates to a machine-learning-based flow identification technology. The identified object is encrypted malicious flow. The technology is applied mainly in the field of flow identification and, in an assisting role, in the field of network attack detection. It is characterized by establishing a malicious encrypted flow identification model with a machine learning algorithm and identifying new flows with that model. The workflow is as follows: a large amount of flow data with known attributes is read; statistical characteristics of the flows are extracted and used as attributes; a model is established using a random forest algorithm; and a newly inputted flow is then identified using the model. A newly inputted flow is identified as follows: its statistical characteristics are extracted, the characteristics are inputted into the model for identification, and an identification result is obtained. The technology is oriented at encrypted and encoded flows, and the data used in modeling consist of normal encrypted flows and malicious encrypted flows. At present, identification technology for non-encrypted flows is mature, but encrypted or encoded flows cannot be identified easily; the invention provides a novel solution for the identification of encrypted flows.
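The workflow in the abstract (labelled flows, statistical features, random forest, classification of a new flow), as an added example that is not taken from the patent. The four features, the tree depth, the forest size and the synthetic flows are assumptions made here; the forest is a small from-scratch implementation so the block has no dependencies.

```python
import random
from collections import Counter
from statistics import mean, pstdev

def flow_features(pkts):
    """pkts: [(timestamp_s, size_bytes)]; metadata only, no payload is read."""
    sizes = [s for _, s in pkts]
    gaps = [b[0] - a[0] for a, b in zip(pkts, pkts[1:])] or [0.0]
    # Assumed feature set: packet count, size mean/stdev, mean inter-arrival gap.
    return [len(pkts), mean(sizes), pstdev(sizes), mean(gaps)]

def gini(labels):
    return 1 - sum((c / len(labels)) ** 2 for c in Counter(labels).values())

def grow(rows, rng, depth=4):
    """rows: [(features, label)]; each node tries a random sqrt-sized feature subset."""
    labels, best = [y for _, y in rows], None
    if depth and len(set(labels)) > 1:
        n_feat = len(rows[0][0])
        for f in rng.sample(range(n_feat), max(1, int(n_feat ** 0.5))):
            vals = sorted({x[f] for x, _ in rows})
            for t in ((a + b) / 2 for a, b in zip(vals, vals[1:])):  # midpoints
                parts = [r for r in rows if r[0][f] <= t], [r for r in rows if r[0][f] > t]
                score = sum(len(p) * gini([y for _, y in p]) for p in parts)
                if best is None or score < best[0]:
                    best = (score, f, t, parts)
    if best is None:
        return Counter(labels).most_common(1)[0][0]  # leaf: majority label
    _, f, t, (left, right) = best
    return (f, t, grow(left, rng, depth - 1), grow(right, rng, depth - 1))

def train_forest(rows, n_trees=25, seed=7):
    rng = random.Random(seed)
    return [grow(rng.choices(rows, k=len(rows)), rng) for _ in range(n_trees)]  # bagging

def classify(forest, pkts):
    x, votes = flow_features(pkts), Counter()
    for node in forest:
        while isinstance(node, tuple):  # walk down to a leaf label
            node = node[2] if x[node[0]] <= node[1] else node[3]
        votes[node] += 1
    return votes.most_common(1)[0][0]  # True = flagged as malicious

def constructed_flow(rng, malicious):  # synthetic stand-in for labelled captures
    t, pkts = 0.0, []
    for _ in range(rng.randint(8, 15) if malicious else rng.randint(40, 80)):
        t += rng.uniform(4, 6) if malicious else rng.uniform(0.01, 0.2)
        pkts.append((t, rng.randint(90, 180) if malicious else rng.randint(60, 1460)))
    return pkts
```

Train with `train_forest([(flow_features(p), label), ...])` and pass a new flow's packet list to `classify`; real deployments would replace `constructed_flow` with features taken from labelled captures.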

Description

Technical field

[0001] The present invention relates to the field of encrypted traffic identification and traffic statistical feature modeling. Its core is to collect the statistical features of a large number of traffic data samples, use the data to build a machine learning model, and use the resulting model to identify malicious encrypted traffic.

Technical background

[0002] At present, most traditional traffic identification technologies rely mainly on feature matching and are widely used for plaintext traffic identification. However, because malicious traffic is encrypted or encoded, its relevant features cannot be extracted directly, so feature matching cannot be used directly to detect and identify encrypted malicious traffic. Traditional traffic identification technology must decrypt encrypted traffic before it can extract features, but this raises the issue of privacy violations. The encryption of malicious traffic is to esca...

Application Information

IPC(8): H04L29/06, G06K9/62
CPC: H04L63/1408, H04L63/1441, G06F18/24323
Inventor: 方勇, 许益家, 郑荣锋, 李扬
Owner: SICHUAN UNIV