Unlock instant, AI-driven research and patent intelligence for your innovation.
Network malicious encrypted traffic identification method and system
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
A network traffic and traffic identification technology, applied in the field of encrypted traffic identification, can solve the problem of low identification accuracy and efficiency
Active Publication Date: 2021-06-11
GUANGDONG UNIV OF TECH
View PDF4 Cites 5 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
[0004] This application provides a method and system for identifying malicious encrypted traffic on the network, which is used to solve the technical problem that the existing malicious encrypted traffic identification method adopts CNN and RNN, and the identification accuracy and efficiency are not high
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0040] For ease of understanding, see figure 1 , the present application provides an embodiment of a network malicious encrypted traffic identification method, including:
[0041] Step 101. Obtain a complete two-way flow network traffic data sample carrying data information. The network traffic data sample includes a malicious encrypted traffic data sample and a normal encrypted traffic data sample.
[0042] It should be noted that, in the embodiment of the present application, network traffic data collection is first performed, and qualified traffic data samples are extracted. Among them, the traffic data samples that meet the conditions are: the total number of network traffic data packets is between 20 and 1000, carrying information, and it is a complete two-way flow. At the same time, the collected traffic data should be all encrypted traffic, and normal encrypted traffic data The number of samples ranges from 100,000 to 500,000, so that the number of samples is sufficien...
Embodiment 2
[0054] The present application provides an embodiment of a network malicious encrypted traffic identification system, including:
[0055] The acquiring unit is configured to acquire a complete bidirectional flow network traffic data sample carrying data information, and the network traffic data sample includes a malicious encrypted traffic data sample and a normal encrypted traffic data sample.
[0056] The preprocessing unit is configured to perform data preprocessing on the network traffic data samples.
[0057] A modeling unit, configured to input the preprocessed network traffic data samples into the ResNet-BiLSTM algorithm model, and train the ResNet-BiLSTM algorithm model.
[0058] The identification unit is used to identify malicious encrypted traffic using the trained ResNet-BiLSTM algorithm model.
[0059] In the embodiment of the present application, network traffic data collection is first performed, and qualified traffic data samples are extracted. Among them, th...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
PUM
Login to View More
Abstract
The invention discloses a network malicious encrypted traffic identification method and system, and the method comprises the steps: extracting effective features through employing a convolution layer of a ResNet-BiLSTM algorithm model in a spatial dimension, solving a problem that a deep network gradient disappears and is difficult to train through employing a ResNet-Inception layer, and learning potential time features between network traffic through employing a bidirectional LSTM network in a time dimension; therefore, while the recognition accuracy is improved, the execution efficiency of the classifier is improved; meanwhile, the aim of recognizing the malicious encrypted traffic under the condition of not invading the privacy of the user is fulfilled, and the technical problem that the recognition accuracy and efficiency are not high due to the adoption of CNN and RNN in the existing malicious encrypted traffic recognition mode is solved.
Description
technical field [0001] The present application relates to the technical field of encrypted traffic identification, and in particular to a method and system for identifying malicious encrypted traffic on a network. Background technique [0002] With the rapid development of Internet networks and online applications, more and more network traffic is encrypted to ensure communication security and privacy. However, attackers can also use this method to hide their information and whereabouts. Therefore, it is an urgent need to detect malicious traffic in encrypted traffic. [0003] TSL encryption technology sits between the transport layer and the application layer to provide confidentiality and data integrity between two communicating applications. On the one hand, it provides encryption and security protection for communication between hosts, which effectively prevents man-in-the-middle attacks and ensures reliable data transmission. On the other hand, it makes it difficult to...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to View More 
Login to View More 
