A Malicious Encrypted Traffic Identification Method Based on Machine Learning

A traffic identification and machine learning technology, applied in character and pattern recognition, instruments, computer components, etc., that solves the problems of being unable to identify encrypted traffic, unable to match, and unable to extract features.

Active Publication Date: 2019-11-08
SICHUAN UNIV

AI Technical Summary

Problems solved by technology

[0008] "A method for identifying malicious encrypted traffic based on machine learning" is an invention proposed to solve the problem of identifying malicious traffic without decrypting encrypted traffic.
Feature matching cannot identify encrypted traffic for two reasons: the features cannot be extracted, and the matching cannot be performed. In the present invention, statistical features solve the problem of feature extraction, and machine learning solves the problem of matching.

Embodiment Construction

[0018] The present invention is mainly used for the identification of malicious encrypted traffic. The sources of malicious traffic it identifies include malicious attack software, scanning software, phishing websites, Trojan viruses, malicious mining machines, etc. Because the data used in modeling are the statistical characteristics of traffic, the model learns the statistical laws of malicious encrypted traffic from the data samples, so it can identify not only known malicious encrypted traffic but also unknown new malicious traffic.

[0019] The technical framework of the invention will be described below in conjunction with the accompanying drawings.

[0020] Figure 1: Technical process framework of the invention

[0021] Figure 1 is a technical framework diagram of the present invention, which adopts a layered model framework. Each layer has a different function, and the input of each layer is derived from the output of the previous layer. The in...

Abstract

The present invention is a traffic identification technology based on machine learning, and the object of identification is encrypted malicious traffic. The technology is mainly used in the field of traffic identification and can also assist in the field of network attack detection. Its technical core is to use machine learning algorithms to establish a malicious encrypted traffic identification model, and then use the model to identify new traffic. The workflow is to read a large amount of traffic data with known attributes, extract the statistical characteristics of the traffic, use those characteristics as attributes, build a model with the random forest algorithm, and finally use the model to identify new input traffic. To identify new input traffic, its statistical characteristics are extracted and fed to the model, which returns the identification result. This technology is mainly aimed at encrypted and encoded traffic, and the data involved in modeling are all composed of normal encrypted traffic and malicious encrypted traffic. This is because the identification of non-encrypted traffic is very mature, whereas the identification of encrypted or encoded traffic is very difficult, and this technology provides a new solution for the identification of encrypted traffic.
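The workflow in the abstract (labelled flows, statistical features, tree ensemble, identification of new flows) can be sketched as follows. This is an added example, not code from the patent: the page does not list the statistical features, so the four used here are assumptions, a bagged ensemble of depth-1 trees stands in for a full random forest, and the sample flows and their labels are constructed.

```python
import random
import statistics as st
from itertools import accumulate

def flow_features(pkts):
    """pkts: [(time_s, record_bytes)] for one flow -> assumed statistical features."""
    sizes = [s for _, s in pkts]
    gaps = [b[0] - a[0] for a, b in zip(pkts, pkts[1:])]
    return [st.mean(sizes), st.pstdev(sizes), st.mean(gaps), st.pstdev(gaps)]

def gini(labels):
    p = sum(labels) / len(labels)
    return 2 * p * (1 - p)

def fit_stump(rows, feats):  # depth-1 tree over a feature subset, split by weighted Gini
    best = (1.0, feats[0], float("inf")) + (round(st.mean([l for _, l in rows])),) * 2
    for f in feats:
        vals = sorted({x[f] for x, _ in rows})
        for t in ((lo + hi) / 2 for lo, hi in zip(vals, vals[1:])):
            left = [l for x, l in rows if x[f] <= t]
            right = [l for x, l in rows if x[f] > t]
            if left and right:
                score = (len(left) * gini(left) + len(right) * gini(right)) / len(rows)
                if score < best[0]:
                    best = (score, f, t, round(st.mean(left)), round(st.mean(right)))
    return best[1:]  # (feature, threshold, label_if_le, label_if_gt)

def fit_forest(rows, n_trees=15, seed=7):
    rng = random.Random(seed)  # fixed seed keeps the demo reproducible
    return [fit_stump([rng.choice(rows) for _ in rows],           # bootstrap sample
                      rng.sample(range(len(rows[0][0])), 2))      # random feature subset
            for _ in range(n_trees)]

def predict(forest, x):
    votes = sum(lv if x[f] <= t else rv for f, t, lv, rv in forest)
    return int(2 * votes > len(forest))  # 1 = identified as malicious by majority vote

def sample_flow(kind, k):
    """Constructed flows with assumed shapes and labels, not real captures."""
    if kind == "periodic":   # small, evenly spaced records
        return [(i * (5.0 + 0.1 * k), 100 + k) for i in range(20)]
    sizes, gaps = [1200, 1200, 80, 1200, 600, 1200], [.01, .02, .4, .01, 1.2, .03]
    times = accumulate(gaps[i % 6] * (1 + 0.1 * k) for i in range(24))
    return [(t, sizes[i % 6] + 10 * k) for i, t in enumerate(times)]

def train_and_identify():
    rows = [(flow_features(sample_flow(kind, k)), lbl)   # label 1 = malicious (assumed)
            for kind, lbl in (("periodic", 1), ("bursty", 0)) for k in range(6)]
    forest = fit_forest(rows)
    return [predict(forest, flow_features(sample_flow(kd, 2.5))) for kd in ("periodic", "bursty")]
```

Only record sizes and timestamps are read, so nothing in the pipeline requires decrypting the payload.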

Description

Technical field

[0001] The present invention relates to the field of encrypted traffic identification and traffic statistical feature modeling. Its core is to collect the statistical features of a large number of traffic data samples, use the data to establish a machine learning model, and use the constructed model to identify malicious encrypted traffic.

[0002] Technical background

[0003] At present, most traditional traffic identification technologies rely mainly on feature matching and are widely used in plaintext traffic identification. However, because malicious traffic is encrypted or encoded, its features cannot be extracted directly, so feature matching cannot be used directly to detect and identify encrypted malicious traffic. Traditional traffic identification technology can extract features only after decrypting the encrypted traffic, but this involves the issue of privacy violations. The encryption of malicious traffic is...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, G06K9/62
CPC: H04L63/1408, H04L63/1441, G06F18/24323
Inventor: 方勇, 许益家, 郑荣锋, 李扬
Owner: SICHUAN UNIV