摘要
HTTPS协议基于原本不具有加密机制的HTTP协议。将其与SSL/TLS协议组合,在传输数据之前,客户端与服务器端之间进行一次SSL/TLS握手,并协商通信过程中使用的加密套件,以安全地交换密钥并且实现双方的身份验证,建立安全通信线路后,对HTTP应用协议数据进行加密传输,防止通信内容被窃听和篡改。传统的基于有效载荷的方法已无法处理加密流量,基于流量特征和机器学习的加密流量分类和分析成为目前的主流方法,其通过建立监督学习模型,在保证加密完整性的条件下,基于网络流数据特征工程,应用C4.5决策树算法,在局域网环境中对腾讯网中应用HTTPS加密数据传输流进行分析,可有效实现对该网站HTTPS加密流量进行模块内容的精确分类。
The HTTPS protocol is based on the HTTP protocol that does not have an encryption mechanism.By combining with the SSL/TLS protocol,an SSL/TLS handshake is performed between the client and the server before the data is transmitted,and the cipher suite used in the communication process is negotiated to securely exchange secret keys and implement mutual authentication.After establishing a secure communication line,the HTTP application protocol data is encrypted and transmitted,preventing the risk of eavesdropping and tampering of the communication content.The traditional payload-based method can’t handle encrypted traffic.The classification and analysis of encrypted traffic based on traffic characteristics and machine learning have become the mainstream method.By establishing a supervised learning model,based on network flow data feature engineering,under the condition of ensuring encryption integrity,the C4.5 decision tree algorithm is applied in the LAN environment to analyze the application of HTTPS encrypted data transmission stream in Tencent network,which can effectively realize accurate classification of the website HTTPS encrypted traffic.
作者
邹洁
朱国胜
祁小云
曹扬晨
ZOU Jie;ZHU Guo-sheng;QI Xiao-yun;CAO Yang-chen(School of Computer and Information Engineering,Hubei University,Wuhan 430062,China;School of Chemistry and Chemical Engineering,Hubei University,Wuhan 430062,China)
出处
《计算机科学》
CSCD
北大核心
2020年第S01期381-385,共5页
Computer Science
基金
赛尔网络下一代互联网技术创新项目(NGII20180411)。
