Network encrypted traffic recognition method and device
A traffic identification, network technology
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Embodiment 1
[0089] The present invention provides a method for identifying network encrypted traffic, which is characterized in that it includes the following process:
[0090] Obtain the encrypted traffic file to be identified;
[0091] Pre-processing the encrypted traffic to be identified, the pre-processing includes: dividing the encrypted traffic stream into multiple streams; then collecting multiple continuous data packets from each stream as samples; finally vectorizing each sample, Standardize processing to obtain a formatted set of sample vectors;
[0092] Input the sample vector set obtained after preprocessing into the pre-trained hybrid neural network model to obtain a prediction vector, and the element values in this prediction vector represent the predicted values of encrypted traffic belonging to each category;
[0093]The hybrid neural network model includes: a 1D-CNN network, a stacked bidirectional LSTM network and a fully connected layer network; wherein the 1D-CNN ...
Embodiment 2
[0097] The extraction of features used to identify encrypted traffic is related to traffic preprocessing methods, vectorization methods, and information about different parts of the traffic data stream. For example, traffic metadata and payload information, which can provide different and effective features for identifying encrypted traffic. In this solution, on the one hand, it is considered to combine information such as flow meta-information, data packet partial load, and timing characteristics between data packets to improve data integrity. On the other hand, in this method, a hybrid neural network model is designed for automatic representation learning of the above information.
[0098] figure 1 It is an overall frame diagram of the method of the present invention, which mainly includes two stages: a preprocessing stage and a classification stage. The preprocessing stage directly converts raw traffic into standard data, which includes four steps: stream segmentation, st...
Embodiment 3
[0181] Correspondingly, the present invention also provides a network encrypted traffic identification device, including an encrypted traffic acquisition module, a preprocessing module, a classification prediction module, and a classification identification module; wherein:
[0182] An encrypted traffic acquisition module, configured to acquire encrypted traffic files to be identified;
[0183] A preprocessing module, configured to preprocess the encrypted traffic to be identified, the preprocessing module includes a flow segmentation unit, a collection unit and a vectorization unit, wherein:
[0184] A stream splitting unit, configured to split the encrypted traffic stream into multiple streams;
[0185] an acquisition unit, configured to acquire a plurality of continuous data packets from each flow as samples;
[0186] The vectorization unit is used to vectorize and standardize each sample to obtain a formatted sample vector set;
[0187] The classification prediction modu...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com