摘要
SSL协议以及基于SSL协议的VPN技术广泛应用于各企业远程服务中。但是一些恶意软件通常利用加密技术和隧道技术绕过防火墙和入侵检测系统对网络信息安全造成严重威胁,因此,提出基于卷积神经网络的SSLVPN流量的识别研究。首先研究安全套接层SSL协议安全机制及其网络交互过程,在原有网络结构基础上增设复杂网络结构和加密流量,提出一种有效的SSL加密流量识别方法;其次针对SSLVPN流量的识别,结合机器学习算法,将卷积神经网络应用于SSLVPN流的识别。实验结果表明示,基于卷积神经网络的流量识别技术能够有效识别出网络中的SSLVPN流量,对改善网络流量监管、提升网络服务质量有重要的意义。
SSL protocol and VPN technology based on SSL protocol are widely used in remote services of enterprises.However,some malicious software usually uses encryption technology and tunnel technology to bypass firewalls and intrusion detection systems,which poses a serious threat to network information security.Therefore,this paper proposes the identification of SSLVPN traffic based on convolutional neural network.Firstly,the security mechanism of secure socket layer SSL protocol and its network interaction process are studied.Based on the original network structure,complex network structure and encrypted traffic are added,and an effective method for identifying the encrypted traffic of SSL is proposed.Secondly,for identifying the traffic of SSL VPN,convolutional neural network is applied to the identification of the traffic of SSL VPN combined with machine learning algorithm.Flow identification.The experimental results show that the traffic identification technology based on convolutional neural network can effectively identify the SSVPN traffic in the network,which is of great significance to improve the network traffic supervision and improve the quality of network service.
作者
张文哲
张丽娟
陈海倩
孙宏棣
ZHANG Wen-zhe;ZHANG Li-juan;CHEN Hai-qian;SUN Hong-di(China Southern Power Grid,(Security Department of Electric Power Dispatch Control Center),Guangzhou 510623,China;Digital Grid Research Institute,China Southern Power Grid.Guangzhou,(Innovation Incubation Division),Guangzhou 510623,China)
出处
《电子设计工程》
2020年第12期144-148,共5页
Electronic Design Engineering
基金
中国南方电网项目(DWG201803)。
关键词
SSL协议
机器学习
卷积神经网络
流量识别
SSL protocol
machine learning
convolutional neural network
traffic recognition
