| With the development of the network technology, the Internet has changed the life style of the ordinary people. Using the Internet, the people can get the latest information around the world, make friends all over the world, enjoy the entertainment, purchase the goods form the other countries. At the same time, there are many network traffic flows, applications and security problems in the network. Using the network traffic identification technology, the protocol the application used or the type of the application can be detected. Under this circumstance, the management of the network, the control of the QoS, the security detection and the efficient network plan can be achieved. But in fact, because of using of the dynamic port number, the masquerading technology and the payload encryption, the network traffic flow identification accurately, efficiently and intelligently is still a challenge and hot research topic now.The accuracy of the application traffic signature is the crucial item in the network traffic identification. In this paper, the signature extraction process and the efficiency of the signature in the current four popular identification methods (port number, signature sequences, flow statistics signature and user behavior analysis) are introduced. And then our researches are been achieved in the following fields:how to get rid of the noise in the original data, how to bring down the time complexity and how to identify the encrypted network flow.The major contributions and innovations of this paper are as follows.1) This dissertation brings in the principle component analysis method to purity the original data of the target application. If the data used to extract the signature contain the noise, which is called as dirty data, the credibility of the signature is brought down. So in this paper, using the principle component analysis, the statistics signature of the noise is get rid of as the second information. This method can improve the direction of the extraction signature process, which can lead to a higher accuracy of the network traffic identification. 2) This dissertation researches on how to improve the efficiency of extraction signature. The traditional sequence signature extraction process is a high time and space complexity procedure. So in this paper, the fixed bit offset algorithm is proposed to extract the signature. This method can avoid building the matrix and reviewing process to extract the signature. So comparing with the other traditional method, such as LCS algorithm, this method has one order of magnitude at least in time complexity. At the same time, the signature extraction algorithm based on the PCA is proposed. Using this method, the macro information of all the flow data instead of the sequences or subsequences in the original data flow is extracted. This approach is a relatively novel signature extraction attempt in network traffic identification field, which can explore a new idea in the further research.3) This paper researches on how to identify the encrypted network flow. In view of using the statistics signature to identify the encrypted flow, in this paper, the method using neural network to classify the encrypted flow is proposed. Simultaneously, in order to improve the process of building the neural network, and use less statistics signature to identify the network flow, the efficiency of the popular statistics signatures in neural network are investigated. |
PDF Full Text Request