| 赵博,郭虹,刘勤让,邬江兴.基于加权累积和检验的加密流量盲识别算法.软件学报,2013,24(6):1334-1345 |
| 基于加权累积和检验的加密流量盲识别算法 |
| Protocol Independent Identification of Encrypted Traffic Based on Weighted Cumulative Sum Test |
| 投稿时间:2011-07-11 修订日期:2012-05-31 |
| DOI:10.3724/SP.J.1001.2013.04279 |
| 中文关键词: 流量分类 加密流量识别 累积和检验 |
| 英文关键词:traffic classification encrypted traffic identification cumulative sum test |
| 基金项目:国家高技术研究发展计划(863)(2009AA01A346); 国家发改委专项(CNGI-09-02-03) |
|
| 摘要点击次数: 2835 |
| 全文下载次数: 4026 |
| 中文摘要: |
| 针对加密流量的在线普适识别问题,提出一种基于加权累积和检验的时延自适应加密流量盲识别算法.利用加密数据的随机性特点,对网络报文逐一实施累积和检验,根据报文长度将结果进行加权综合.无需解密操作,也无需匹配特定内容,实现了对加密流量的普适识别.可动态调整报文的检测数量,以达到时延和准确率的统一,实现在线识别.仿真结果显示,对公开和未公开的加密协议流量,识别率均可达到90%以上. |
| 英文摘要: |
| A protocol independent identification algorithm is proposed to identify encrypted traffic from both public and private encryption protocols. The randomness of the packet is evaluated by a cumulative test. In addition, results are weighted conflated. A test is performed when every new packet arrived rather than after all packets have received, so that time consumed computation is avoided. The quantity of packets may vary dynamically according to delay and accuracy requirement. Experiments results show that the algorithm achieves accuracy above 90% for SSL and private encryption protocol traffic. |
|
HTML 下载PDF全文 查看/发表评论 下载PDF阅读器 |
