Computer Science, 2021, Vol. 48, Issue (4): 295-302. doi: 10.11896/jsjkx.200700189

Special Issue: Information Security

• Information Security •

IPSec VPN Encrypted Traffic Identification Based on Hybrid Method

ZHOU Yi-min 1,2, LIU Fang-zheng 1, WANG Yong 1

  1. College of Electromagnetic Countermeasure, National University of Defense Technology, Hefei 230037, China
  2. Anhui Key Laboratory of Cyberspace Security Situation Awareness and Evaluation, Hefei 230037, China
  • Received: 2020-06-24  Revised: 2020-08-21  Online: 2021-04-15  Published: 2021-04-09
  • About author: ZHOU Yi-min, born in 1996, postgraduate. His main research interests include network information security and so on. (dyzhouyimin@sina.com)
    LIU Fang-zheng, born in 1982, Ph.D, lecturer. His main research interests include network information security and so on.
  • Supported by: National Natural Science Foundation of China (6167454).

Abstract: This paper proposes a hybrid method that combines fingerprint identification with machine learning to identify IPSec VPN encrypted traffic. First, the method selects IPSec VPN traffic from the network traffic based on load characteristics. Second, based on time-related flow features, it uses the random forest algorithm to build an IPSec VPN traffic classification model. Through parameter optimization and feature selection, the overall traffic identification accuracy reaches 93%. The experimental results verify the feasibility of identifying IPSec VPN traffic with machine learning based on time-related flow features. They also show that the proposed method effectively balances recognition accuracy and recognition speed, achieving efficient identification of IPSec VPN encrypted traffic.

Key words: Encrypted traffic identification, IPSec VPN, Parameter optimization, Random forest, Time-related flow features

CLC Number: 

  • TP393.8
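
The two-stage pipeline described in the abstract, sketched as an added example that is not code from the paper: stage 1 selects IPSec packets by a header fingerprint, and stage 2 computes per-flow time-related features that a classifier such as random forest would be trained on. The fingerprint rules (IP protocol 50/51, UDP ports 500/4500), the feature set and all function names are assumptions, since this page does not give the paper's load characteristics or features; the packet records are constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

ESP, AH, UDP = 50, 51, 17     # IANA IP protocol numbers
IKE_PORTS = {500, 4500}       # IKE (500); NAT-T (4500: IKE or UDP-encapsulated ESP)

def is_ipsec(pkt):
    """Stage 1 (assumed fingerprint): ESP/AH by protocol, IKE/NAT-T by UDP port."""
    if pkt["proto"] in (ESP, AH):
        return True
    ports = {pkt.get("sport"), pkt.get("dport")}
    return pkt["proto"] == UDP and bool(ports & IKE_PORTS)

def flow_key(pkt):
    """Bidirectional key: unordered endpoint pair plus protocol."""
    a = (pkt["src"], pkt.get("sport", 0))
    b = (pkt["dst"], pkt.get("dport", 0))
    return (min(a, b), max(a, b), pkt["proto"])

def time_features(pkts):
    """Stage 2 input (assumed feature set): timing statistics for one flow."""
    ts = sorted(p["ts"] for p in pkts)
    iat = [b - a for a, b in zip(ts, ts[1:])] or [0.0]   # single-packet flow
    duration = ts[-1] - ts[0]
    total = sum(p["len"] for p in pkts)
    return {
        "duration": duration,
        "iat_mean": mean(iat), "iat_std": pstdev(iat),
        "iat_min": min(iat), "iat_max": max(iat),
        "pkts_per_s": len(pkts) / duration if duration > 0 else 0.0,
        "bytes_per_s": total / duration if duration > 0 else 0.0,
    }

def extract(packets):
    """Keep only IPSec packets, group them into flows, return features per flow."""
    flows = defaultdict(list)
    for p in packets:
        if is_ipsec(p):
            flows[flow_key(p)].append(p)
    return {k: time_features(v) for k, v in flows.items()}

# Constructed sample: one ESP flow, one TLS packet (filtered out), one NAT-T packet.
PACKETS = [
    {"ts": 0.00, "src": "10.0.0.2", "dst": "198.51.100.7", "proto": 50, "len": 120},
    {"ts": 0.02, "src": "198.51.100.7", "dst": "10.0.0.2", "proto": 50, "len": 1400},
    {"ts": 0.06, "src": "10.0.0.2", "dst": "198.51.100.7", "proto": 50, "len": 120},
    {"ts": 0.10, "src": "10.0.0.2", "sport": 51000, "dst": "203.0.113.9", "dport": 443, "proto": 6, "len": 600},
    {"ts": 0.20, "src": "10.0.0.2", "sport": 4500, "dst": "198.51.100.7", "dport": 4500, "proto": 17, "len": 200},
]
```

Each feature dictionary returned by `extract(PACKETS)` is one training row; because stage 1 discards non-IPSec packets before any statistics are computed, the classifier only ever sees candidate VPN flows.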