检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:宫光霖 易军凯 张雅聪[2] GONG Guanglin;YI Junkai;ZHANG Yacong(College of Automation,Beijing Information Science and Technology University,Beijing 100192,China;College of Information Science and Technology,Beijing University of Chemical Technology,Beijing 100015,China)
机构地区:[1]北京信息科技大学自动化学院,北京100192 [2]北京化工大学信息科学与技术学院,北京100015
出 处:《重庆理工大学学报(自然科学)》2021年第5期118-126,共9页Journal of Chongqing University of Technology:Natural Science
基 金:国家自然科学基金项目(U1636208)。
摘 要:为解决网络应用加密传输中大部分分析加密流量的方法忽略通信维持的简化阶段的流量分类,并且网络中应用指纹有大量重复的问题,提出一种新型的加密流量分类方法。将报文长度作为重要的特征分析,通过高斯混合模型建模解决应用指纹的重复问题;通过限制聚类将同一应用长度相近的指纹尽可能划分到同一簇内,提高了收敛速度。实验结果表明:提出的研究方法与传统的加密流量分类方法相比,其TPR和FPR分别提高10.8%和15.7%,效果明显提高。In order to solve the problem that most of the analysis methods of encrypted traffic in encryption transmission of network application ignore the traffic classification in the simplified phase of communication maintenance,and there are a lot of duplication of application fingerprints in the network,a new classification method of encrypted traffic is proposed.The article takes the length of the message as an important feature analysis,and solves the repetitive problem of application fingerprints through Gaussian mixture model modeling;By restricting clustering,the fingerprints with similar length in the same application are divided into the same cluster as much as possible to improve the convergence speed.The experimental results show that compared with the traditional encrypted traffic classification method,the research method proposed in the article has 10.8%and 15.7%improvement in TPR and FPR respectively,and the classification effect is significantly improved.
分 类 号:TN915.08[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.217.218.162