湖南大学学报(自然科学版)2024,Vol.51Issue(6):98-107,10.DOI:10.16339/j.cnki.hdxbzkb.2024270
一种多特征融合的加密流量快速分类方法
A Fast Classification Method for Encrypted Traffic Based on Multi-feature Fusion
摘要
Abstract
Network traffic recognition is the foundation of network management and security services.With the continuous expansion and increasing complexity of the Internet,traditional rule-based recognition methods or based on flow behavior characteristics are facing great challenges.Inspired by natural language processing(NLP),this paper proposes a fast classification method for encrypted traffic based on multi-feature fusion.The method completes the feature representation of network flows by combining the packet characteristics of data packets and byte sequences,expands the selected features into a double-byte sequence using binary byte encoding,and adds contextual semantic features of the bytes.By using pooling methods that are suitable for packet feature processing,the proposed model can preserve the feature information of packets to the greatest extent possible,thereby enhancing its noise resistance and more accurate classification ability.The method is validated on the Information Security Center of Excellence-2016(ISCX-2016)and a private dataset containing Encrypted Traffic Datasets for 66 popular applications(ETD66).The results show that the proposed method has significantly better accuracy and performance than other models in ISCX-2016 and ETD66,achieving accuracy of 98.2%and 98.6%,respectively,and thus proving the strong feature extraction ability and the model generalization ability.关键词
加密流量识别/自然语言处理/深度学习/文本分类/卷积神经网络Key words
encryption traffic identification/natural language processing(NLP)/deep learning/text classifi-cation/convolutional neural network(CNN)分类
信息技术与安全科学引用本文复制引用
谭阳红,罗琼辉,钟豪..一种多特征融合的加密流量快速分类方法[J].湖南大学学报(自然科学版),2024,51(6):98-107,10.基金项目
国家自然科学基金资助项目(51507058、51507054),National Natural Science Foundation of China(51507058、51507054) (51507058、51507054)
