| As VPN technology is widely used by enterprises and individuals,in order to protect the security of data transmission,VPN traffic is encrypted and kept private.But because of the rising of the encryption intensity,the audit for VPN protocol traffic is becoming more and more difficult.Protecting data security has become a factor restricting the identification of VPN protocol.This is important to distinguish the VPN protocol in the field of VPN protocol identification.For this reason,this paper proposes a new autocorrelation randomness detection algorithm.The algorithm first performs a shift autocorrelation calculation on the sample data columns,in order to improve the detection algorithm speed,the Fourier transform and the inverse Fourier transform are used to quickly calculate the correlation value.The new algorithm can ensure higher detection rate and improve the speed of identification.In the experiment,we use different file types encryption samples random sequence acquisition.the algorithm presented in this paper to deal with sample set.The algorithm on the randomness of the testing data has good recognition effect.In choosing the recognition mode,in order to accurately filter and classify VPN data traffic,We design and implement the initiative identification system of VPN protocol based on Mina2 asynchronous framework.The system adopts a method based on initiative identification mode for VPN protocol identification.Initiative identification is different from the conventional way of recognizing and classifying protocols by data obtained from port mirroring,it constructs a VPN request message to carry on initiative interaction with the server,matches features on response information based on VPN protocol,solves the data leakage and distort due to limited hardware performance in the traditional method of protocol identification with port mirror.The Apache Mina2 network application framework based on asynchronous event triggering mechanism is used in the experiment.By establishing initiative connections with the target server,the VPN protocol is accurately identified.From the experimental results we can see that the system have a higher recognition rate of VPN protocols,including PPTP,L2 TP and Open VPN.This method provides an efficient and feasible solution in the protocol identification.The experimental result shows that,in VPN protocol identification,the passive identification mode based on protocol features is not suitable for the identification and classification of VPN traffic,recognition rate is higher using initiative recognition mode.In this paper,through research of two aspects above,makes the accuracy of VPN protocol identification better and recognition effect more stable and accurate. |
PDF Full Text Request