期刊
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS
卷 166, 期 -, 页码 -出版社
ACADEMIC PRESS LTD- ELSEVIER SCIENCE LTD
DOI: 10.1016/j.jnca.2020.102711
关键词
Traffic classification; Encrypted traffic; Gaussian mixture model; Hidden Markov model
类别
资金
- National Science and Technology Major Project of the Ministry of Science and Technology of China [2017ZX03001019-003]
- National Key R&D Plan Cyberspace Security Major Projects of China [2017YFB0801801]
- Science and Technology Service Network Initiative (STS) Project of Chinese Academy of Science [Y7X0071105]
- Young Elite Scientist Sponsorship Program by Henan Association for Science and Technology [2020HYTP008]
- Key Scientific and Technological Project of Henan Province [202102210352]
To protect user privacy (e.g., IP address and sensitive data in a packet), many traffic protection methods, like traffic obfuscation and encryption technologies, are introduced. However, these methods have been used by attackers to transmit malicious traffic, posing a serious threat to network security. To enhance network traffic supervision, this paper proposes a new traffic classification model based on Gaussian mixture models and hidden Markov models, named MGHMM. To evaluate the effectiveness of the proposed model, we first classify protocols and identify the obfuscated traffic by experiments. Then, we compare the classification performance of MGHMM with that of the latest Vector Quantiser-based traffic classification algorithm. On the basis of the experiment, the relation between the classification and the number of hidden Markov states, and the number of mixture of Gaussian distributions required to describe the hidden states, are analyzed.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据