期刊文献+

基于分段熵分布的VPN加密流量检测与识别方法 被引量:7

Detection and recognition of VPN encrypted traffic based on segmented entropy distribution
下载PDF
导出
摘要 为加强对VPN加密流量的有效监管,提高网络监管的效率效果,针对VPN加密流量报文信息缺失,流量特征混淆的特点,文章提出了一种基于分段熵分布的VPN加密流量检测与识别方法。该方法利用滑动窗口方法对VPN加密报文序列高熵、低熵区域进行划分,并以此作为流量特征,使用胶囊神经网络模型实现VPN加密流量的精准检测与识别。不同于现有的基于机器学习的加密流量检测方法,该方法针对VPN加密流量本身特性进行研究,具有方法的普适性。实验与对比分析证明,该方法识别准确率达99.87%,可以用于VPN加密流量检测识别。 In order to strengthen the effective supervision of VPN encrypted traffic and improve the efficiency of network supervision,the article proposes a method for detecting and identifying VPN encrypted traffic based on segmented entropy distribution in view of the lack of information in VPN encrypted traffic messages and the confusion of traffic characteristics.This method uses the sliding window method to divide the high-entropy and low-entropy regions of the VPN encrypted message sequence,which are taken as traffic characteristics.Then,this method uses the capsule neural network model to achieve accurate detection and identification of VPN encrypted traffic.Different from the existing encrypted traffic detection method based on machine learning,this method studies the characteristics of VPN encrypted traffic itself and has the universality of the method.Experiments and comparative analysis prove that the accuracy of this method is 99.87%.It can be used for VPN encrypted traffic detection and identification.
作者 唐舒烨 程光 蒋泊淼 陈子涵 郭树一 Tang Shuye;Cheng Guang;Jiang Bomiao;Chen Zihan;Guo Shuyi(School of Cyber Science and Engineering,Southeast University,Jiangsu Nanjing 211189;International governance research base of Cyberspace(Southeast University),Jiangsu Nanjing 211189;Purple Mountain Laboratories for Network and Communication Security,Jiangsu Nanjing 211111;Key Laboratory of Computer Network and Information Integration of Ministry of Education(Southeast University),Jiangsu Nanjing 211189)
出处 《网络空间安全》 2020年第8期23-27,33,共6页 Cyberspace Security
基金 国家重点研发计划项目课题(项目编号:2018YFB1800602) 教育部-中国移动科研基金(项目编号:MCM20180506) 赛尔网络下一代互联网技术创新项目(项目编号:NGIICS20190101、NGII20170406)。
关键词 加密流量识别 VPN流量 信息熵 胶囊神经网络 encrypted traffic identification VPN traffic information entropy capsule neural network
  • 相关文献

参考文献2

二级参考文献5

共引文献28

同被引文献41

引证文献7

二级引证文献30

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部