{"title":"基于机器学习和行为特征的异常加密流量检测方法","authors":"Bin Kong, Zhangpu Liu, Guangmin Zhou, Xiaoyan Yu","doi":"10.1145/3371676.3371705","DOIUrl":null,"url":null,"abstract":"Classification of network traffic using port-based or deep packet-based analysis is becoming increasingly difficult with many peer-to-peer(P2P) applications using dynamic port numbers, especially in massive data streams. In view of the problem that traditional method cannot be self-learning and self-evolving in dynamic networks, this paper proposed an abnormally encrypted traffic detection method based on machine learning and behavior characteristics, this approach can not only identify unknown abnormal traffic, but eliminate specific feature extraction in advance, which can effectively improve the accuracy of the abnormal encrypted traffic detection system. In this paper, we processed the network traffic data with using a machine learning approach combined behavior characteristics of applications, the experimental results show that in the complex network, the abnormal encrypted data stream detection method based on machine learning and behavior characteristics has higher recognition accuracy and can more effectively solve the problem of abnormally encrypted traffic identification.","PeriodicalId":352443,"journal":{"name":"Proceedings of the 2019 9th International Conference on Communication and Network Security","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A Method of Detecting the Abnormal Encrypted Traffic Based on Machine Learning and Behavior Characteristics\",\"authors\":\"Bin Kong, Zhangpu Liu, Guangmin Zhou, Xiaoyan Yu\",\"doi\":\"10.1145/3371676.3371705\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Classification of network traffic using port-based or deep packet-based analysis is becoming increasingly difficult with many peer-to-peer(P2P) applications using dynamic port numbers, especially in massive data streams. In view of the problem that traditional method cannot be self-learning and self-evolving in dynamic networks, this paper proposed an abnormally encrypted traffic detection method based on machine learning and behavior characteristics, this approach can not only identify unknown abnormal traffic, but eliminate specific feature extraction in advance, which can effectively improve the accuracy of the abnormal encrypted traffic detection system. In this paper, we processed the network traffic data with using a machine learning approach combined behavior characteristics of applications, the experimental results show that in the complex network, the abnormal encrypted data stream detection method based on machine learning and behavior characteristics has higher recognition accuracy and can more effectively solve the problem of abnormally encrypted traffic identification.\",\"PeriodicalId\":352443,\"journal\":{\"name\":\"Proceedings of the 2019 9th International Conference on Communication and Network Security\",\"volume\":\"18 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-11-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2019 9th International Conference on Communication and Network Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3371676.3371705\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2019 9th International Conference on Communication and Network Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3371676.3371705","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Method of Detecting the Abnormal Encrypted Traffic Based on Machine Learning and Behavior Characteristics
Classification of network traffic using port-based or deep packet-based analysis is becoming increasingly difficult with many peer-to-peer(P2P) applications using dynamic port numbers, especially in massive data streams. In view of the problem that traditional method cannot be self-learning and self-evolving in dynamic networks, this paper proposed an abnormally encrypted traffic detection method based on machine learning and behavior characteristics, this approach can not only identify unknown abnormal traffic, but eliminate specific feature extraction in advance, which can effectively improve the accuracy of the abnormal encrypted traffic detection system. In this paper, we processed the network traffic data with using a machine learning approach combined behavior characteristics of applications, the experimental results show that in the complex network, the abnormal encrypted data stream detection method based on machine learning and behavior characteristics has higher recognition accuracy and can more effectively solve the problem of abnormally encrypted traffic identification.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
