A keyword-based network trajectory classification method and device

A trajectory classification and keyword technology, applied in the field of information security, can solve problems such as heavy workload and low efficiency

Active Publication Date: 2022-04-15
SOUTH CENTRAL UNIVERSITY FOR NATIONALITIES
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] In view of this, the present invention provides a method and device for classifying network traces based on keywords to solve or at least partially solve the technical problems of heavy workload and low efficiency in the methods in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A keyword-based network trajectory classification method and device
  • A keyword-based network trajectory classification method and device
  • A keyword-based network trajectory classification method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0073] This embodiment provides a network track classification method based on keywords, please refer to figure 1 , the method includes:

[0074] Step S1: Based on the K-means method of flow statistical characteristics, the input mixed protocol trajectory is initially classified to obtain K first trajectory clusters; in each cluster, the length of the trajectory flow is arranged in reverse order, and the Needlman_Wunsch method is used for two The two compare the protocol traces with similar lengths, divide the traces into fixed field IF and variable field VF, and calculate the length IF_l of each fixed field and the position information IF_s of the fixed field.

[0075] Specifically, step S1 is to use a trajectory segmentation method to obtain a preliminary classified first trajectory cluster. The input of the trajectory segmentation method is the trajectory flow of the mixed network. First, the K-means method based on the statistical characteristics of the flow initially div...

Embodiment 2

[0131] This embodiment provides a device for classifying network traces based on keywords, please refer to Figure 11 , the device consists of:

[0132] The trajectory segmentation module 201 is used for the K-means method based on the flow statistical characteristics, and initially classifies the input mixed protocol trajectory to obtain K first trajectory clusters; in each cluster, arrange in reverse order according to the length of the trajectory flow, Use the Needlman_Wunsch method to compare protocol trajectories with similar lengths in pairs, divide the trajectories into fixed field IF and variable field VF, and calculate the length IF_l of each fixed field and the position information IF_s of the fixed field;

[0133] The IF distribution solving module 202 is used to use the IF_1 weighting method to weight the length IF_1 of the fixed field to obtain the weight IF_w of the IF; and then use the curve fitting method to perform curve fitting on the IF with IF_w and IF_s as...

Embodiment 3

[0164] Based on the same inventive concept, the present application also provides a computer-readable storage medium 300, please refer to Figure 12 , on which a computer program 311 is stored, and the method in Embodiment 1 is implemented when the program is executed.

[0165] Since the computer-readable storage medium introduced in the third embodiment of the present invention is the computer-readable storage medium used to implement the keyword-based network trajectory classification method in the first embodiment of the present invention, it is based on the introduction in the first embodiment of the present invention method, those skilled in the art can understand the specific structure and deformation of the computer-readable storage medium, so details are not repeated here. All computer-readable storage media used in the method of Embodiment 1 of the present invention belong to the scope of protection of the present invention.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a keyword-based network trajectory classification method and device. The classification method first obtains the first trajectory cluster by combining the flow statistics feature with the K-means method, and uses each cluster of the first trajectory cluster as the trajectory segmentation method. Input, divided into fixed field IF and variable field VF, and calculate the length of each fixed field and the location information of the fixed field; then use the IF distribution fitting method to perform curve fitting to obtain the IF position distribution curve; then use the IF classification method to obtain The type of IF contained in each extreme value interval and the quantity of various IFs, and then the type of IF contained in each extreme value interval and the quantity of various IFs are input into the trajectory clustering method, and the second trajectory cluster is output, and then The delimiter is inferred by the keyword inference method, and the keyword is separated from the IF according to the delimiter, and finally the signature database is formed. The invention can greatly improve the classification efficiency while improving the classification accuracy.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method and device for classifying network traces based on keywords. Background technique [0002] Classification of network traffic is the basis for ensuring cyberspace security. Traffic classification identifies different types of network protocol flows, which is of great significance for ensuring communication security, network management, network attack and defense, intrusion detection, and protocol reverse. [0003] With the development of the Internet, the era of 5G Internet of Everything is about to usher in. Terminals such as computers, mobile phones, and sensors generate a large amount of traffic, and the classification management of a large amount of traffic poses challenges to the existing traffic classification schemes. Traffic classification is crucial to network management, such as monitoring network resources, discovering and handling network faults...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L41/0896H04L9/40G06K9/62
CPCH04L41/0896H04L63/1408G06F18/23213G06F18/24
Inventor 孟博何旭东王德军李子茂
Owner SOUTH CENTRAL UNIVERSITY FOR NATIONALITIES
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap