| 网络应用流类别不平衡环境下的SSL加密应用流识别关键技术 |
| |
| 引用本文: | 陈雪娇,王攀,刘世栋.网络应用流类别不平衡环境下的SSL加密应用流识别关键技术[J].电信科学,2015,31(12):83-89. |
| |
| 作者姓名: | 陈雪娇 王攀 刘世栋 |
| |
| 作者单位: | 1. 南京信息职业技术学院 南京210023;2. 南京邮电大学 南京210003;3. 国网智能电网研究院 南京210003 |
| |
| 基金项目: | 2013 江苏省六大人才高峰计划项目;2013 国家发展和改革委员会信息安全专项资助项目;国家电网公司2014 年科技项目“电力信息通信网络流量预测和管道智能化关键技术研究及应用”;2015 江苏省产学研前瞻性联合研究项目 |
| |
| 摘 要: | 通过深入研究网络类别不平衡的原因,选择SMOTE(synthetic minority over-sampling technique)过抽样方法对数据集进行预处理,并充分利用特征匹配高准确性的优点识别和分拣出SSL 加密流,进而利用基于互信息最大化的聚类方法和SVM分类方法进一步识别SSL加密应用,这种混合方法有效地结合了静态特征匹配和机器学习方法的优点,达到识别分类方法在准确性和识别速度的均衡。
|
| 关 键 词: | 流量识别 流量分析 行为特征 行为建模 行为模型 |
Key Technology of SSL Encrypted Application Identification Under Imbalance of Application Class |
| |
| Xuejiao Chen,Pan Wang,Shidong Liu.Key Technology of SSL Encrypted Application Identification Under Imbalance of Application Class[J].Telecommunications Science,2015,31(12):83-89. |
| |
| Authors: | Xuejiao Chen Pan Wang Shidong Liu |
| |
| Affiliation: | 1. Nanjing College of Information Technology, Nanjing 210023, China;2. Nanjing University of Posts and Telecommunications, Nanjing 210003;3. State Grid Smart Grid Research Institute, Nanjing 210003, China |
| |
| Abstract: | Through a in-depth study about the reason of network class imbalance, a method called SMOTE was chosen over the data set sampling preprocess, making full use of the advantages which is high accuracy of traffic model feature matching identification and sorting out the encrypted SSL flow, and then using the clustering method and the SVM based on mutual information classification method to further identify SSL encryption specific application, like HTTPS/POPS etc. The hybrid method effectively combines the advantages of static feature matching and machine learning methods,to achieve the balance of classification method on accuracy and speed. |
| |
| Keywords: | traffic identification traffic analysis behavior characterization behavior modeling behavior pattern |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《电信科学》浏览原始摘要信息 |
|
点击此处可从《电信科学》下载全文 |
