| 基于关键字的单协议分类 |
| |
| 引用本文: | 郑杰,李建平. 基于关键字的单协议分类[J]. 计算机科学, 2015, 42(10): 60-64 |
| |
| 作者姓名: | 郑杰 李建平 |
| |
| 作者单位: | 电子科技大学计算机科学与工程学院 成都611731,电子科技大学计算机科学与工程学院 成都611731 |
| |
| 基金项目: | 本文受中国工程物理研究院科技发展基金(2012A0403021),NSAF联合基金(U1230106),国家信息安全发展计划(2013F098)资助 |
| |
| 摘 要: | 网络协议是网络通信中一系列标准的集合,未知协议的识别和分析对网络监管、保障网络安全具有重大意义。协议识别技术多种多样,但大都不适用于二进制的协议识别。在此针对现有的协议识别技术的局限性,提出了一种在双方单协议通信环境下的多种类型二进制数据帧的协议识别方法。该方法首先利用n-gram技术对数据帧进行分割,然后利用无监督的特征选择算法提取特征串集合,从而利用聚类算法实现协议消息的识别。最后在ICMP上对该方法进行评估,消息识别的准确率和召回率均可达到90%以上。
|
| 关 键 词: | 协议识别 单协议 无监督 特征选择 聚类算法 |
| 收稿时间: | 2015-01-05 |
| 修稿时间: | 2015-04-09 |
Classification of Single Protocol Based on Keywords |
| |
| ZHENG Jie and LI Jian-ping. Classification of Single Protocol Based on Keywords[J]. Computer Science, 2015, 42(10): 60-64 |
| |
| Authors: | ZHENG Jie and LI Jian-ping |
| |
| Abstract: | Network protocols are sets of standards for certain network communications.The protocol identification and analysis have great significance for network management and security.Although there are all kinds of protocol identification technology,most of them are not suitable for the binary protocol identification.To address this issue,the paper proposed a novel method of protocol identification which can classify the same protocol into several messages in the environment of single protocol communication.This method utilizes n-gram to segment the data frames and then extracts the set of keywords using unsupervised feature selection algorithm.At last,it implements the identification of different type of messages using clustering algorithm.Finally the method was evaluated on ICMP.The results show that the rate of precision and recall can both reach more than 90%. |
| |
| Keywords: | ZHENG Jie LI Jian-ping (School of Computer Science and Engineering University of Electronic Science and Technology of China Chengdu 611731 China) |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机科学》浏览原始摘要信息 |
|
点击此处可从《计算机科学》下载全文 |
