VPN flow identification method based on SSL encryption

An identification method and traffic technology, which is applied in the field of VPN traffic identification based on SSL encryption, can solve the problem of high rate of missed identification

Active Publication Date: 2020-12-22
JIANGSU UNIV OF SCI & TECH
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Aiming at the deficiencies in the prior art, the present invention provides a VPN traffic identification method based on SSL encryption. The proposed method not only effectively solves the traditional SSL encrypted traffic fingerprint The recognition

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • VPN flow identification method based on SSL encryption
  • VPN flow identification method based on SSL encryption
  • VPN flow identification method based on SSL encryption

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0058] Embodiment: A method for identifying VPN traffic based on SSL encryption. Aiming at the problem of high missing recognition rate in traditional SSL encrypted traffic fingerprint identification methods, Bit-level DPI fingerprint generation technology is used to identify SSL traffic. After the data is preprocessed, a bit signature is generated through specific rules, and then the bit signature is encoded with run length. The encoded bit signature is used to generate an SSL state transition machine, which is used to identify SSL traffic. On the basis of identified SSL traffic, the two-way GRU network traffic identification model based on attention mechanism is used to identify SSL VPN traffic.

[0059] like figure 1 As shown, the process of identifying encrypted traffic under category imbalance includes at least: acquiring data sets, data preprocessing, bit-level DPI fingerprint generation, identifying SSL traffic, SSL flow set data preprocessing, identifying SSL VPN encry...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the field of encrypted flow identification, in particular to a VPN flow identification method based on SSL encryption. A Bit-level DPI fingerprint generation technology is adopted to identify SSL flow aiming at the problem of higher missing identification rate of the traditional SSL encrypted flow fingerprint identification method, and a bit signature is generated througha specific rule after preprocessing data, the running length of the bit signature is coded, an SSL state conversion machine is generated by using the coded bit signature to identify SSL flow, SSL VPNflow is identified by using a bidirectional GRU network flow identification model based on an attention mechanism on the basis of the identified SSL flow, and the SSL VPN flow is sent to the SSL stateconversion machine. The method at least comprises the steps of data set acquisition, data preprocessing, Bit-level DPI fingerprint generation, SSL flow identification, SSL flow set data preprocessing, SSL VPN encrypted flow identification and index result analysis.

Description

technical field [0001] The invention relates to the field of encrypted traffic identification, in particular to a VPN traffic identification method based on SSL encryption. Background technique [0002] The rapid development of Internet technology, while bringing convenience to people's lives, will also be used by some criminals for illegal transmission, which has a great impact on the stability and security of cyberspace. People are paying more and more attention to network security issues. Therefore, global encrypted network traffic continues to soar. Although the traffic is encrypted before being transmitted, the security of the transmitted data is guaranteed, but it also increases the difficulty of traffic auditing. Without decryption technology, IT teams would not be able to view the information contained within the traffic. This means that encryption hides malicious traffic as well as other information, leading to a host of worms, trojans and viruses. Therefore, ide...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/851H04L12/24H04L12/46
CPCH04L63/1425H04L41/145H04L47/2483H04L12/4641
Inventor 姜文刚王宇航翟江涛王晰晨
Owner JIANGSU UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap