Encrypted traffic classification method based on two-stage judgment

A traffic classification, two-stage technology, applied in the field of network security and user privacy, can solve the problems of accuracy rate limitation, unsatisfactory, technology has not been widely used, etc., to achieve the effect of improving the classification accuracy rate

Active Publication Date: 2019-11-05
XI AN JIAOTONG UNIV +1
View PDF6 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

These machine learning algorithms are relatively simple to use, but the accuracy is limited and cannot reach a satisfactory level
In the k-fingerprinting paper published by USENIX in 2016, a method combining KNN classifier and random forest classifier was also proposed. Their distance calculation uses Hamming distance, so that it can be used when the noise flow is large. Maintain a stability, but the accuracy rate is greatly limited and cannot be effectively improved
[0005] It can be seen that, apart from simple machine learning classification models, the classification methods used in encrypted traffic analysis have not been studied in depth, and related technologies have not been widely used.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Encrypted traffic classification method based on two-stage judgment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0039] Step 1: First, the user provides a collection of encrypted traffic samples. Each encrypted traffic sample in the collection is an original traffic file containing data packets, and has a unique encrypted traffic type label, and the user provides a d-dimensional feature vector, which is recorded as a meta-feature vector. Then extract d-dimensional sequence features for each encrypted traffic, denoted as [f 1 ,f 2 ,..., f d ]. Assuming that there are a total of p encrypted traffic samples, the encrypted traffic type of the i-th encrypted traffic sample is marked as label i Then the encrypted traffic data set is recorded as T, expressed as follows:

[0040] {label 1 :[f 1 ,f 2 ,..., f d ], label 2 :[f 1 ,f 2 ,..., f d ],...,label p :[f 1 ,f 2 ,..., f d ]}

[0041] The sample label label is the network address of each flow, and the sample feature dimension is d.

[0042] Step 2: Train the classification model in the first judgment stage, use the random for...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an encrypted traffic classification method based on two-stage judgment, which comprises the following steps: taking the classification output of a random forest classifier as the input of a K-nearest neighbor classifier, and finally fusing and comparing the results of the two classifiers to finish the classification of traffic data. The output characteristics of the randomforest algorithm and the reliability guarantee of two-stage judgment are fully utilized, and the classification accuracy can be improved. Accoridng to an encrypted traffic classification algorithm based on two-stage judgment, the method comprises the following steps of 1, training a meta-feature sequence to obtain a first-stage classification model, that is, a random forest model containing k trees, then, taking a label output by each tree as a new composite feature vector and input into a K-nearest neighbor classifier to be classified in the second stage, comparing results obtained after twotimes of classification wherein classification succeeds only when the results obtained after two times of classification are the same. Such a two-stage judgment model enables the final classificationaccuracy to be significantly improved.

Description

technical field [0001] The invention belongs to the field of network security and user privacy, and in particular relates to an encrypted traffic classification method based on two-stage judgment. Background technique [0002] In recent years, with the rapid development of the Internet, the network has been closely integrated into our production and life, and network security has become an issue that cannot be ignored. In daily life, people's awareness of network security has gradually increased, and more and more users and enterprises have begun to pay attention to the protection and safe transmission of information. The network behavior recognition technology based on encrypted traffic can be used to realize the security supervision of the network, especially the supervision of illegal business and bad information. Encrypted traffic analysis is to analyze the current user's online behavior through some characteristics of the traffic itself, rather than through the content...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/00
CPCG06N3/006G06F18/24147
Inventor 马小博师马玮安冰玉刘文懋樊志甲赵粤征
Owner XI AN JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap