| 基于主动学习和SVM方法的网络协议识别技术 |
| |
| 引用本文: | 王一鹏,云晓春,张永铮,李书豪.基于主动学习和SVM方法的网络协议识别技术[J].通信学报,2013,34(10):16-142. |
| |
| 作者姓名: | 王一鹏 云晓春 张永铮 李书豪 |
| |
| 作者单位: | 1. 中国科学院 计算技术研究所,北京 100190;2. 中国科学院大学,北京 100049;3. 中国科学院 信息工程研究所,北京 100093 |
| |
| 基金项目: | 国家高技术研究发展计划(“863”计划)基金资助项目(2012AA012803, 2013AA014703);国家科技支撑计划基金资助项目(2012BAH46B02);国家自然科学基金资助项目(61303261, 61303170) |
| |
| 摘 要: | 针对未知网络协议数据流的获取与标记工作主要依赖于领域专家。然而,样本数据量的增加会导致人工成本超过实际负荷。提出了一种新颖的未知网络协议识别方法。该方法基于主动学习算法,仅依靠原始网络数据流的载荷部分实现对未知网络协议的有效识别。实验结果表明,采用该方法设计的识别系统在保证识别准确率和召回率的前提下,能够有效地降低学习过程中标记的样本数目,更适用于实际的网络应用环境。
|
| 关 键 词: | 网络安全 网络协议识别 主动学习 网络数据流 支持向量机 |
Network protocol identification based on active
learning and SVM algorithm |
| |
| Yi-peng WANG,Xiao-chun YUN,Yong-zheng ZHANG,Shu-hao LI.Network protocol identification based on active
learning and SVM algorithm[J].Journal on Communications,2013,34(10):16-142. |
| |
| Authors: | Yi-peng WANG Xiao-chun YUN Yong-zheng ZHANG Shu-hao LI |
| |
| Affiliation: | 1. Institute of Computing Technology,Chinese Academy of Sciences,Beijing 100190,China;2. University of Chinese Academy of Sciences,Beijing 100049,China;3. Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China |
| |
| Abstract: | Obtaining qualified training data for protocol identification generally requires domain experts to be involved, which is time-consuming and laborious. A novel approach for network protocol identification based on active learning and SVM algorithm was proposed. The experimental evaluations on real-world network traces show this approach can accurately and efficiently classify the target network protocol from mixed Internet traffic, and meanwhile display a significant reduction in the number of labeled samples. Therefore, this approach can be employed as an auxiliary tool for analyzing unknown protocols in real-world environment. |
| |
| Keywords: | network security protocol identification active learning network traces support vector machine |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
