出版社
IEEE
DOI: 10.1109/ISCC55528.2022.9913053
关键词
encrypted unknown protocol; traffic classification; feature extraction; machine learning
类别
资金
- National Key R&D Program of China [2021YFB3101403]
- Fundamental Research Funds for the Central Universities
- Jiangsu Provincial Key Laboratory of Network and Information Security
This paper proposes a practical method (PSCM) to automatically extract encrypted unknown protocol features and achieves high accuracy in real-world network traffic.
Network traffic classification is the basis for network management, Quality of Service and intrusion detection. As the number of Internet applications increases, the variety of unknown protocols grows, posing a significant challenge to network traffic classification. Traditional rule-based traffic classification methods are currently limited by the rise of dynamic ports and encryption protocols. Statistical methods using statistical features have good recognition of protocols with public formats. However, there is no public protocol format for unknown protocols, making it challenging to extract useful features. This paper proposes a practical Probability Statistics and Cluster Merging (PSCM) method to automatically extract encrypted unknown protocol features and map the clustering results to the actual protocols. Experimental results on real-world network traffic show that the method achieves an accuracy of 99.28% and performs well in the sampling scenarios.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据