{"title":"基于N-gram熵和累积和检验的加密流量识别","authors":"Guang Cheng, Ying Hu","doi":"10.1145/3226052.3226057","DOIUrl":null,"url":null,"abstract":"Since existing methods using entropy are less effective in characterizing encrypted traffic, this paper proposes an encrypted traffic identification method based on n-gram entropy and cumulative sum. This method analyzes the entropy characteristics of n-gram entropy for text, picture, compressed file, and encrypted traffic in the network. Furthermore, an analysis of cumulative sum is performed to better distinguish compressed file traffic and encrypted traffic. The experiments show that our propsed method reaches high accuracy for encrypted traffic identification and performs well in distinguishing compressed file traffic and encrypted traffic.","PeriodicalId":409980,"journal":{"name":"Proceedings of the 13th International Conference on Future Internet Technologies","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2018-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Encrypted Traffic Identification Based on N-gram Entropy and Cumulative Sum Test\",\"authors\":\"Guang Cheng, Ying Hu\",\"doi\":\"10.1145/3226052.3226057\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Since existing methods using entropy are less effective in characterizing encrypted traffic, this paper proposes an encrypted traffic identification method based on n-gram entropy and cumulative sum. This method analyzes the entropy characteristics of n-gram entropy for text, picture, compressed file, and encrypted traffic in the network. Furthermore, an analysis of cumulative sum is performed to better distinguish compressed file traffic and encrypted traffic. The experiments show that our propsed method reaches high accuracy for encrypted traffic identification and performs well in distinguishing compressed file traffic and encrypted traffic.\",\"PeriodicalId\":409980,\"journal\":{\"name\":\"Proceedings of the 13th International Conference on Future Internet Technologies\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-06-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 13th International Conference on Future Internet Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3226052.3226057\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 13th International Conference on Future Internet Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3226052.3226057","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Encrypted Traffic Identification Based on N-gram Entropy and Cumulative Sum Test
Since existing methods using entropy are less effective in characterizing encrypted traffic, this paper proposes an encrypted traffic identification method based on n-gram entropy and cumulative sum. This method analyzes the entropy characteristics of n-gram entropy for text, picture, compressed file, and encrypted traffic in the network. Furthermore, an analysis of cumulative sum is performed to better distinguish compressed file traffic and encrypted traffic. The experiments show that our propsed method reaches high accuracy for encrypted traffic identification and performs well in distinguishing compressed file traffic and encrypted traffic.