| In recent years,with the rapid development of the Internet,especially mobile Internet technology,the rapid development of Internet communication technology has brought tremendous and far-reaching impacts on our lives,and human beings have entered the era of informatization.The Internet has become an indispensable part of human society and an important way for people to exchange information and process data.However,the ensuing information and network communication security problems have become more and more serious,which has become a problem that cannot be ignored in this era.With the diversification of network application services and the complexity of network structures,network management,maintenance,and detection have become increasingly difficult,and more and more private protocols have emerged,resulting in an increasing threat to network security.Therefore,the analysis and identification technology for private protocols has become a hot spot in current research.How to effectively extract the characteristics of network protocols has become the top priority of this research.This paper summarizes the current research methods for protocol identification and analysis.Combining genetic algorithm and association rule algorithm,a set of feature extraction and identification algorithms for unknown protocols are proposed.Then for the protocol that is difficult to extract effective fixed features,on the basis of the previous chapter,this paper proposes a regular feature extraction algorithm based on genetic programming,which effectively solves the problem of feature extraction and recognition of unknown protocols,and improves the accuracy of protocol recognition rate.The main work of this article is as follows:(1)This article first summarizes the relevant methods of protocol identification and protocol format reverse,compares the advantages and limitations of various methods,and then introduces related concepts such as information theory,pattern matching,data mining algorithms,and genetic programming.(2)This article then proposes a complete feature extraction and recognition algorithm for unknown protocols.The main processes are data preprocessing,data stream block cutting,multi-level filtering of frequent patterns,regular feature generation based on association rules,and feature verification.In this paper,the detailed design and experiment of each algorithm are carried out.Finally,the actual meaning of the features is extracted by combining with the actual data analysis,which is verified through experiments,and finally a good experimental effect is obtained.(3)In the end,this paper combines a genetic algorithm-related algorithm andthe relevant characteristics of regular expressions,and proposes a regular feature extraction algorithm based on tree genetic programming.Through continuous genetic iteration,it finally obtains better regular features. |
PDF Full Text Request