计算机科学 ›› 2021, Vol. 48 ›› Issue (4): 295-302.doi: 10.11896/jsjkx.200700189
所属专题: 信息安全 虚拟专题
周益旻1,2, 刘方正1, 王勇1
ZHOU Yi-min1,2, LIU Fang-zheng1 , WANG Yong1
摘要: 文中提出了一种混合方法,将指纹识别与机器学习方法相结合,实现了IPSec VPN加密流量的识别。该方法首先基于负载特征从网络流量中筛选出IPSec VPN流量;接着,基于时间相关的流特征,利用随机森林算法建立了IPSec VPN流量分类模型,通过参数优化以及特征选择,整体流量识别的准确率达到了93%。实验结果验证了通过流特征提取的机器学习方法识别IPSec VPN流量的可行性;同时表明了该方法能够有效均衡识别精度与识别速度,达到了高效识别IPSec VPN加密流量的效果。
中图分类号:
[1]WANG T,HU A Q.A Conformance Test Method of IPSecVPN Protocol based on Edge Detection[J].Information Network Security,2014(2):7-11. [2]FADLULLAH Z M,TALEB T,VASILAKOS A V,et al.DTRAB:combating against attacks on encrypted protocols through traffic feature analysis[J].IEEE/ACM Transactions on Networking(TON),2010,18(4):1234-1247. [3]ROUGHAN M,SEN S,SPATSCHECK O,et al.Class-of-service mapping for QoS:a statistical signature-based approach to IP traffic classification[C]//The 4th ACM SIGCOMM Conference on Internet Measurement.ACM,2004:135-148. [4]PAN W,CHENG G,GUO X,et al.Review and perspective on encrypted traffic identification research[J].Journal on Communications,2016,37(9):154-167. [5]BERNAILLE L,TEIXEIRA R.Early recognition of encrypted applications[M]//Passive and Active Network Measurement.Springer Berlin Heidelberg,2007:165-175. [6]ZENG X,CHEN X,SHAO G,et al.Flow context and host behavior based Shadowsocks’s traffic identification[J].IEEE Access,2019,7:41017-41032. [7]LASHKARI A H,DRAPER-GIL G,MAMUN M S I,et al.Charac- terization of encrypted and VPN traffic using time-related features[C]//The International Conference on Information Systems Security and Privacy.2016:94-98. [8]YILDIRIM T,RADCLIFFE P J.VoIP traffic classification inIPSec tunnels[C]//2010 International Conference onElectro-nics and Information Engineering.IEEE,2010,1:v1-151-v1-157. [9]WANG Q L,WANG Z X,ZHANG L C,et al.GMM-based Application-layer Protocol Identification of ESP Traffic[J].Computer Engineering,2011,37(24):91-93. [10]BAGUI S,FANG X,KALAIMANNAN E,et al.Comparison of machine-learning algorithms for classification of VPN network traffic flow using time-related features[J].Journal of Cyber Security Technology,2017,1(2):108-126. [11]DONG S,LI R.Traffic identification method based on multiple probabilistic neural network model[J].Neural Computing and Applications,2019,31(2):473-487. [12]ZHUO C,ZHANG.The research and comparison of the ah and esp in IPSec[J].Computer Applications and Software,2004(7):105-106,124. [13]MOORE A,ZUEV D,CROGAN M.Discriminators for use in flow-based classification Technical report[D].London:Queen Mary University of London,Department of Computer Science,2005:6-13. [14]DIAS K L,PONGELUPE M A,CAMINHAS W M,et al.An innovative approach for real-time network traffic classification[J].Computer Networks,2019,158:143-157. [15]DAINOTTI A,PESCAPE A,CLAFFY K C.Issues and future directions in traffic classification[J].Network,IEEE,2012,26(1):35-40. [16]BREIMAN L.Random forest [J].Machine Learning,2001,5(1):5-32. [17]WEN B W,DONG W H,XIE W J,et al.Optimization of random forest parameters based on improved grid search algorithm[J].Computer Engineering and Applications,2018,54(10):159-162. [18]WU C W,LIANG J H,WANG W.Random Forest Algorithm Based on Recursive Feature Elimination[J].Statistics and decision making,2017(21):60-63. [19]CHAWLA N V,KARAKOULAS G.Learning From LabeledAnd Unlabeled Data:An Empirical Study Across Techniques And Domains[J].Journal of Artificial Intelligence Research,2011,23(1):331-366. [20]YAO W,WEI L I,WU K H,et al.Application of Fusion Model of GBDT and LR in Encrypted Traffic Identification[J].Computer and Modernization,2020(3):93. |
[1] | 高振卓, 王志海, 刘海洋. 嵌入典型时间序列特征的随机Shapelet森林算法 Random Shapelet Forest Algorithm Embedded with Canonical Time Series Features 计算机科学, 2022, 49(7): 40-49. https://doi.org/10.11896/jsjkx.210700226 |
[2] | 胡艳羽, 赵龙, 董祥军. 一种用于癌症分类的两阶段深度特征选择提取算法 Two-stage Deep Feature Selection Extraction Algorithm for Cancer Classification 计算机科学, 2022, 49(7): 73-78. https://doi.org/10.11896/jsjkx.210500092 |
[3] | 王兵, 吴洪亮, 牛新征. 基于改进势场法的机器人路径规划 Robot Path Planning Based on Improved Potential Field Method 计算机科学, 2022, 49(7): 196-203. https://doi.org/10.11896/jsjkx.210500020 |
[4] | 王文强, 贾星星, 李朋. 自适应的集成定序算法 Adaptive Ensemble Ordering Algorithm 计算机科学, 2022, 49(6A): 242-246. https://doi.org/10.11896/jsjkx.210200108 |
[5] | 阙华坤, 冯小峰, 刘盼龙, 郭文翀, 李健, 曾伟良, 范竞敏. Grassberger熵随机森林在窃电行为检测的应用 Application of Grassberger Entropy Random Forest to Power-stealing Behavior Detection 计算机科学, 2022, 49(6A): 790-794. https://doi.org/10.11896/jsjkx.210800032 |
[6] | 章晓庆, 方建生, 肖尊杰, 陈浜, RisaHIGASHITA, 陈婉, 袁进, 刘江. 基于眼前节相干光断层扫描成像的核性白内障分类算法 Classification Algorithm of Nuclear Cataract Based on Anterior Segment Coherence Tomography Image 计算机科学, 2022, 49(3): 204-210. https://doi.org/10.11896/jsjkx.201100085 |
[7] | 刘振宇, 宋晓莹. 一种可用于分类型属性数据的多变量回归森林 Multivariate Regression Forest for Categorical Attribute Data 计算机科学, 2022, 49(1): 108-114. https://doi.org/10.11896/jsjkx.201200189 |
[8] | 杨小琴, 刘国军, 郭建慧, 马文涛. 基于随机森林的空域-频域联合特征全参考彩色图像质量评价方法 Full Reference Color Image Quality Assessment Method Based on Spatial and Frequency Domain Joint Features with Random Forest 计算机科学, 2021, 48(8): 99-105. https://doi.org/10.11896/jsjkx.200700106 |
[9] | 郑建华, 李小敏, 刘双印, 李迪. 融合级联上采样与下采样的改进随机森林不平衡数据分类算法 Improved Random Forest Imbalance Data Classification Algorithm Combining Cascaded Up-sampling and Down-sampling 计算机科学, 2021, 48(7): 145-154. https://doi.org/10.11896/jsjkx.200800120 |
[10] | 曹扬晨, 朱国胜, 祁小云, 邹洁. 基于随机森林的入侵检测分类研究 Research on Intrusion Detection Classification Based on Random Forest 计算机科学, 2021, 48(6A): 459-463. https://doi.org/10.11896/jsjkx.200600161 |
[11] | 李娜娜, 王勇, 周林, 邹春明, 田英杰, 郭乃网. 基于特征重要度二次筛选的DDoS攻击随机森林检测方法 DDoS Attack Random Forest Detection Method Based on Secondary Screening of Feature Importance 计算机科学, 2021, 48(6A): 464-467. https://doi.org/10.11896/jsjkx.200900101 |
[12] | 徐佳庆, 胡小月, 唐付桥, 王强, 何杰. 基于随机森林的高性能互连网络阻塞故障检测 Detecting Blocking Failure in High Performance Interconnection Networks Based on Random Forest 计算机科学, 2021, 48(6): 246-252. https://doi.org/10.11896/jsjkx.201200142 |
[13] | 邓丽, 武金达, 李科学, 卢亚康. 基于TPE的SpaRC算法超参数优化方法 SpaRC Algorithm Hyperparameter Optimization Methodology Based on TPE 计算机科学, 2021, 48(2): 70-75. https://doi.org/10.11896/jsjkx.200500156 |
[14] | 张天瑞, 魏铭琦, 高秀秀. 基于IPSO-WRF的选择性激光烧结件气泡溶解时间预测模型 Prediction Model of Bubble Dissolution Time in Selective Laser Sintering Based on IPSO-WRF 计算机科学, 2021, 48(11A): 638-643. https://doi.org/10.11896/jsjkx.210300080 |
[15] | 刘振鹏, 苏楠, 秦益文, 卢家欢, 李小菲. FS-CRF:基于特征切分与级联随机森林的异常点检测模型 FS-CRF:Outlier Detection Model Based on Feature Segmentation and Cascaded Random Forest 计算机科学, 2020, 47(8): 185-188. https://doi.org/10.11896/jsjkx.190600162 |
|