Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Encrypted traffic analysis feature extraction method and system, storage medium and safety equipment

A technology of feature extraction and traffic analysis, applied in the direction of transmission system, instrument, character and pattern recognition, etc., can solve the problems of unrecorded extraction process, slow development, difficult traceability, etc., to improve data richness, save time and cost, feature Choose a lot of effects

Active Publication Date: 2020-06-12
XIDIAN UNIV
View PDF5 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] To sum up, the problems existing in the existing technology are: in the existing malicious encrypted traffic identification technology, there is no process record for the feature extraction of relevant traffic, the feature extraction is complicated, the selection amount is small, the data aggregation is difficult, and the traceability analysis is difficult
However, there are many problems in the application of machine learning in the field of encrypted traffic identification, and the development is very slow. The main reason is that the identification effect of machine learning strongly depends on the extraction of traffic features in feature engineering.
For the identification of malicious encrypted traffic, the use of general features of ordinary traffic will increase the coupling between features, resulting in mediocre identification results; features are directly extracted from data streams, and the extraction process is not recorded, resulting in difficulties in subsequent traceability

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Encrypted traffic analysis feature extraction method and system, storage medium and safety equipment
  • Encrypted traffic analysis feature extraction method and system, storage medium and safety equipment
  • Encrypted traffic analysis feature extraction method and system, storage medium and safety equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] In order to make the object, technical solution and advantages of the present invention more clear, the present invention will be further described in detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0054] Aiming at the problems existing in the prior art, the present invention provides an encrypted traffic analysis feature extraction method, system, storage medium, and security device. The present invention will be described in detail below in conjunction with the accompanying drawings.

[0055] Such as figure 1 As shown, the encrypted traffic analysis feature extraction method provided by the embodiment of the present invention includes the following steps:

[0056] S101: collecting raw traffic data;

[0057] S102: Preprocessing the collected original data packets to filter out traffic data of encrypted communicatio...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of network security and communication, and discloses an encrypted traffic analysis feature extraction method and system, a storage medium and security equipment. The method comprises the steps: collecting original traffic data ; preprocessing the collected original data packet, and filtering traffic data of SSL / TLS encryption communication; performing deep packet analysis on the streaming data to generate a traffic analysis log; performing log aggregation according to the connection quadruple information and the index information in each log to forma flow feature call chain, and performing feature extraction according to the call chain to obtain an initial data set; and determining an optimal supervised learning classification algorithm in thecurrent environment, determining an optimal parameter by using a grid parameter optimization method, and evaluating the feature extraction accuracy by using a ten-fold cross validation method. According to the method, the classification effect is optimal by adopting the random forest algorithm, the obtained accuracy is as high as 99.96%, the result shows that SSL / TLS encryption features used by all malicious families are different, and the classification effect is remarkable.

Description

technical field [0001] The invention belongs to the technical field of network security and communication, and in particular relates to an encrypted traffic analysis feature extraction method, system, storage medium and security equipment. Background technique [0002] At present, the closest existing technology: With the widespread use of encrypted traffic in the network and the frequent emergence of new malware, network attacks based on encryption technology are becoming more and more rampant, causing huge hidden dangers to cyberspace security. Currently, methods for identifying malicious encrypted traffic mainly include methods based on deep packet inspection, methods based on statistical characteristics of data packets, methods based on timing characteristics, methods based on machine learning, and methods based on multi-policy fusion. Among them, it is difficult to match the payload of encrypted traffic using keywords, and the timing characteristics of data collected fo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06K9/62G06N20/00
CPCH04L63/1416H04L63/1425G06N20/00H04L2463/146G06F18/24323G06F18/214
Inventor 赵兴文丁潇李晖朱辉戴睿萧明炽
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com