Method of unknown protocol classification based on autoencoder

被引：0

作者：

Gu C. ^{[1
,2
]}

Wu W. ^{[1
]}

Shi Y. ^{[1
]}

Li G. ^{[1
]}

机构：

[1] School of Cyberspace Security, Information Engineering University, Zhengzhou

[2] Henan Key Laboratory of Network Cryptography Technology, Zhengzhou

来源：

| 1600年 / Editorial Board of Journal on Communications卷 / 41期

基金：

中国国家自然科学基金;

关键词：

Autoencoder; Feature extraction; Unknown protocol classification; Unsupervised classification;

D O I：

10.11959/j.issn.1000-436x.2020123

中图分类号：

学科分类号：

摘要：

Aiming at the problem that a large number of unknown protocols exist in the Internet, which makes it very difficult to manage and maintain the network security, a classification and identification method of unknown protocols was proposed. Combined with the autoencoder technology and the improved K-means clustering technology, the unknown protocol was classified and identified for the network traffic. The autoencoder was used to reduce dimensionality and select features of network traffic, clustering technology was used to classify the dimensionality reduction data unsupervised, and finally unsupervised recognition and classification of network traffic were realized. Experimental results show that the classification effect is better than the traditional K-means, DBSCAN, GMM algorithm, and has higher efficiency. © 2020, Editorial Board of Journal on Communications. All right reserved.

引用

页码：88 / 97

页数：9

共 33 条

[1] WU L F, HONG Z, PAN Y., Network protocol reverse analysis and application, (2016)
[2] ANDERSON B, MCGREW D., Machine learning for encrypted malware traffic classification: accounting for noisy labels and non-stationarity, Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1723-1732, (2017)
[3] HINTON G, SALAKHUTDINOV R., Reducing the dimensionality of data with neural networks, Science, 313, 5786, pp. 504-507, (2006)
[4] QI Y, XU L, YANG B, Et al., Packet classification algorithms: from theory to practice[J], Proceedings - IEEE INFOCOM, 13, 10, pp. 648-656, (2009)
[5] FIVOS C, PANAYIOTIS M., Identifying known and unknown peer-to-peer traffic, Proceedings of IEEE International Symposium on Network Computing & Applications, pp. 93-102, (2006)
[6] THAY C, VISOOTTIVISETH V, MONGKOLLUKSAMEE S., P2P traffic classification for residential network, Computer Science & Engineering Conference, pp. 1-6, (2016)
[7] CHUNG J, PARK B, WON Y, Et al., Traffic classification based on flow similarity, IEEE International Workshop on IP Operations & Management, pp. 65-77, (2009)
[8] ROCHA E, SALVADOR P, NOGUEIRA A., Detection of illicit network activities based on multivariate Gaussian fitting of multi-scale traffic characteristics, 2011 IEEE International Conference on Communications, pp. 1-6, (2011)
[9] TAYLOR V, SPOLAOR R, CONTI M, Et al., Robust smartphone App identification via encrypted network traffic analysis, IEEE Transactions on Information Forensics & Security, 13, 1, pp. 63-78, (2017)
[10] BLAKE A, SUBHARTHI P, DAVID M., Deciphering malware's use of TLS (without decryption), (2017)

← 1 2 3 4 →