面向SSL VPN加密流量的识别方法  被引量:6

Traffic Identification Method for SSL VPN Encryption

在线阅读下载全文

作  者:王宇航 姜文刚[1] 翟江涛 史正爽 WANG Yuhang;JIANG Wengang;ZHAI Jiangtao;SHI Zhengshuang(School of Electronic Information,Jiangsu University of Science and Technology,Zhenjiang,Jiangsu 212003,China;School of Intelligent Networks and Information Systems,Nanjing University of Information Science&Technology,Nanjing 210000,China;School of Informatics,University of Edinburgh,Edinburgh EH89YL,U K)

机构地区:[1]江苏科技大学电子信息学院,江苏镇江212003 [2]南京信息工程大学智能网络与信息系统研究院,南京210000 [3]爱丁堡大学信息学研究院,爱丁堡EH89YL

出  处:《计算机工程与应用》2022年第1期143-151,共9页Computer Engineering and Applications

基  金:国家自然科学基金(61702235)。

摘  要:SSLVPN流量常常被一些非法应用利用,来绕过防火墙等安全设施的检测。因此,对SSLVPN加密流量的有效识别对网络信息安全具有重要意义。针对此,提出了一种基于Bit级DPI和深度学习的SSLVPN加密流量识别方法,所提方法分为两个步骤:利用Bit级DPI指纹生成技术识别SSL流量,缩小识别范围;再利用基于注意力机制的改进的CNN网络流量识别模型识别SSLVPN流量。该方法不仅有效解决了传统SSL加密流量指纹识别方法存在的漏识别率较高的问题,同时改进后的深度学习模型能提取网络流量中具有非常显著性的细粒度的特征,从而更加有效地捕捉网络流量中存在的依赖性。实验结果表明,该方法较现有的模型对SSLVPN加密流量的识别效果提高了6%以上。SSL VPN traffic is often used by some illegal applications using SSL VPN to bypass the detection of security facilities such as firewalls.Therefore,the effective identification of SSL VPN encrypted traffic is of great significance to network information security.In view of this,this paper proposes a SSL VPN encrypted traffic identification method based on bit-level DPI and deep learning.The proposed method is divided into two steps:bit-level DPI fingerprint generation technology to identify SSL traffic and narrow the identification range;an improved CNN network traffic identification model based on attention mechanism to identify SSL VPN traffic.The proposed method not only effectively solves the problem of high rate of missing recognition in the traditional SSL traffic fingerprint identification method,but also the improved deep learning model can extract the very significant fine-grained features in the network traffic,so as to more effectively capture the dependency existing in the network traffic.The experimental results show that the proposed method is more than 6%better than the existing model in the identification of SSL VPN encrypted traffic.

关 键 词:SSLVPN 指纹识别 深度学习 注意力机制 

分 类 号:TP37[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象