Unlock instant, AI-driven research and patent intelligence for your innovation.

HTTPS streaming service online identification method suitable for large-scale network environment

A network environment and streaming service technology, applied in the field of HTTPS streaming service online identification, can solve the problems of inability to effectively identify HTTPS streams and low stream recognition rate, and achieve the effect of not easy to deceive and low resource consumption.

Active Publication Date: 2019-09-27
SICHUAN UNIV
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although some methods have designed data expiration removal and data structure maximum capacity limitation mechanisms, the method of using the client IP address and server IP address as the retrieval key is always faced with the lack of DNS requests caused by the DNS cache mechanism. The problem of being unable to effectively identify HTTPS streams eventually leads to a low stream identification rate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • HTTPS streaming service online identification method suitable for large-scale network environment
  • HTTPS streaming service online identification method suitable for large-scale network environment
  • HTTPS streaming service online identification method suitable for large-scale network environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments. like figure 1 shown, including the following steps:

[0053] Step 1: According to the properties of HTTPS and DNS traffic in the actual network, calculate the sliding time window parameters for reading HTTPS flow and DNS flow.

[0054] The formula for calculating the sliding time window size w of DNS is: w≈TTL most +Duration most , where TTL most According to the calculation of the domain name life cycle (TTL) value obtained from the DNS response data in the actual network for a period of time, find the condition CDF(ttl≤TTL most )≥TTL_Thresd established TTL value; Duration most According to the calculation of the duration of HTTPS flow in a period of time in the actual network, find the condition CDF(duration≤Duration most ) ≥ Duration_Thresd holds for the HTTPS stream duration value. The function CDF() represents the cumulative...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an HTTPS streaming service online identification method suitable for a large-scale network environment. The method comprises the following steps: 1) calculating sliding time window parameters for reading HTTPS flow and DNS flow according to attributes of HTTPS and DNS flows in an actual network, and then reading HTTPS flow data and DNS flow data from the network flow in real time by adopting a sliding window mechanism; under each sliding time window, 2) respectively processing the DNS data and the HTTPS data into a data set in a key value pair format; 3) establishing association between the HTTPS and the DNS through a two-stage association method; and 4) selecting one or more of the associated domain names as the service identifier of the HTTPS stream by adopting a candidate service identifier determination method based on the DNS request behavior of the client. The method is applied to real-time automatic HTTPS flow service refinement identification in a large-scale network environment, a classification identifier used for identifying the HTTPS flow does not need to be determined in advance, a webpage fingerprint library does not need to be established in advance, cheating by an attacker is not likely to happen, and resource consumption is low.

Description

technical field [0001] The invention belongs to the field of network security and information technology, and in particular relates to an HTTPS streaming service online identification method suitable for a large-scale network environment. Background technique [0002] In recent years, encrypted traffic represented by HTTPS has continued to grow significantly. At present, more than half of the world's web traffic is transmitted using HTTPS. Online identification of services carried over HTTPS streams has important implications for network security management. At present, the identification methods for HTTPS flow services mainly include service identification based on fingerprint attack, methods based on Server Name Indication (SNI) and methods based on DNS and flow association. [0003] The service identification method based on fingerprint attack constructs webpage fingerprints by observing the patterns of data flow to infer encrypted or anonymously connected encrypted webp...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/08H04L29/12
CPCH04L67/02H04L61/4511
Inventor 曾雪梅陈兴蜀何涛王丽娜岳亚伟文奕韩珍辉
Owner SICHUAN UNIV