HTTPS malicious encrypted traffic detection method and system based on machine learning

A machine-learning detection technique, applied in transmission systems, advanced technologies, electrical components and similar fields. It addresses long traffic-data processing and caching times, low data-processing efficiency, and analysis that is not fast enough, and achieves rapid online detection of malicious traffic without affecting network performance.

Active Publication Date: 2021-01-22
北京六方云信息技术有限公司

AI Technical Summary

Problems solved by technology

The problem with using an interceptor is that it is expensive and computationally demanding, degrades network performance, and does not respect the original idea of HTTPS, which is private and secure communication.
[0004] In a real environment, the daily volume of HTTPS encrypted traffic is generally massive. In a stand-alone environment, processing and caching the traffic data takes a long time and data-processing efficiency is low. Detection lags behind as a result, so malicious traffic cannot be dealt with quickly after it occurs.


Embodiment Construction

[0054] Specific embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings. It should be understood that the specific embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention.

[0055] Figure 1 is a flowchart of a machine learning-based HTTPS malicious encrypted traffic detection method provided by an embodiment of the present invention. As shown in Figure 1, the detection method includes:

[0056] Data preprocessing: preprocessing the traffic data to obtain the four-tuple feature vector of the traffic data;

[0057] Malicious traffic detection: inputting the four-tuple feature vector of the traffic data into the trained random forest model and detecting the malicious probability of the traffic data. The traffic data is processed into four-tuple feature vectors and then input to the trained random forest model for detection, and ...
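The two steps above, sketched as an added example (not code from the patent or its applicant). The page does not define the four-tuple or its features, so the (source IP, destination IP, destination port, protocol) key, the five features, and the hand-written `FOREST` that stands in for a trained model are all assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records (not real traffic), documentation IP ranges:
# (src_ip, dst_ip, dst_port, proto, duration_s, bytes_out, bytes_in, tls_version)
FLOWS = [
    ("10.0.0.5", "203.0.113.9", 443, "tcp", 1.0, 300, 280, "TLSv10"),
    ("10.0.0.5", "203.0.113.9", 443, "tcp", 1.1, 310, 290, "TLSv10"),
    ("10.0.0.5", "203.0.113.9", 443, "tcp", 0.9, 290, 270, "TLSv10"),
    ("10.0.0.7", "198.51.100.20", 443, "tcp", 12.0, 900, 48000, "TLSv12"),
    ("10.0.0.7", "198.51.100.20", 443, "tcp", 3.5, 700, 15000, "TLSv12"),
]
OLD_TLS = {"SSLv3", "TLSv10", "TLSv11"}

def four_tuple_vectors(flows):
    """Step 1: group flows by the assumed four-tuple, one feature vector per group."""
    groups = defaultdict(list)
    for src, dst, port, proto, dur, sent, recv, tls in flows:
        groups[(src, dst, port, proto)].append((dur, sent, recv, tls))
    vectors = {}
    for key, rows in groups.items():
        durs = [r[0] for r in rows]
        sent, recv = sum(r[1] for r in rows), sum(r[2] for r in rows)
        vectors[key] = [
            len(rows),                                       # 0: flows in the group
            mean(durs),                                      # 1: mean flow duration
            pstdev(durs),                                    # 2: duration spread
            sent / max(sent + recv, 1),                      # 3: outbound byte share
            sum(r[3] in OLD_TLS for r in rows) / len(rows),  # 4: legacy-TLS share
        ]
    return vectors

# Constructed stand-in for a trained forest.
# Node = (feature, threshold, if_le, if_gt); leaf = 0 (benign) or 1 (malicious).
FOREST = [
    (2, 0.5, (3, 0.3, 0, 1), 0),
    (4, 0.5, 0, 1),
    (0, 2, 0, (2, 0.5, 1, 0)),
]

def tree_vote(node, vec):
    while isinstance(node, tuple):        # descend until a leaf label is reached
        feat, thr, le, gt = node
        node = le if vec[feat] <= thr else gt
    return node

def malicious_probability(forest, vec):
    """Step 2: malicious probability = fraction of trees voting malicious."""
    return sum(tree_vote(t, vec) for t in forest) / len(forest)

if __name__ == "__main__":
    for key, vec in four_tuple_vectors(FLOWS).items():
        print(key, round(malicious_probability(FOREST, vec), 2))
```
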


Abstract

The invention provides an HTTPS malicious encrypted traffic detection method and system based on machine learning, and belongs to the field of malicious encrypted traffic detection. The detection method comprises the following steps: data preprocessing, in which traffic data is preprocessed to obtain a four-tuple feature vector of the traffic data; and malicious traffic detection, in which the four-tuple feature vector of the traffic data is input into the trained random forest model to obtain the malicious probability of the traffic data. Processing the traffic data into a four-tuple feature vector and inputting that vector into the trained random forest model yields a malicious probability for the traffic data, thereby realizing rapid online detection of malicious traffic. The detection system comprises: a data preprocessing unit, used for preprocessing traffic data to obtain a four-tuple feature vector of the traffic data; and a malicious traffic detection unit, used for inputting the four-tuple feature vector of the traffic data into the trained random forest model and detecting the malicious probability of the traffic data. The system applies the method.

Description

Technical field

[0001] The present invention relates to the field of detection of malicious encrypted traffic, in particular to a distributed detection method for HTTPS malicious encrypted traffic based on machine learning and a distributed detection system for HTTPS malicious encrypted traffic based on machine learning.

Background

[0002] In recent years, with the full popularity of HTTPS, more and more network traffic has begun to use HTTPS encryption in order to ensure communication security and privacy. As of today, more than 65% of network traffic has been encrypted using HTTPS. HTTPS was introduced mainly to deal with various eavesdropping and man-in-the-middle attacks, to establish a secure channel over an insecure network, and to add data packet encryption and server certificate verification. However, as encrypted network traffic has increased across the Internet, malware has also begun to use HTTPS to protect its communication. Currently...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1425, Y02D30/50
Inventor: 兰亭洋, 王智民
Owner: 北京六方云信息技术有限公司