Research On Key Technologies Of Traffic Identification In Encrypted Tunnel

With the development and popularization of Internet technology,the updating speed of Internet applications is far faster than before.All kinds of network traffic is full of the whole Internet.Effective identification of various network traffic has become an important issue affecting the rapid development of the Internet.At the same time,with the improvement of personal information protection awareness of Internet users,as well as the application of encryption technology and tunnel technology,the Internet has a large number of encrypted traffic and tunnel traffic.On the one hand,this encrypted tunnel technology protects user privacy,on the other hand,it can also be used by criminals to engage in illegal activities.Therefore,the research on the key technologies of traffic identification in encrypted tunnels has important practical significance.This paper proposes two traffic identification models to solve the above problems.One is to identify different protocol traffic under SSH tunnel through the identification model based on random forest.The other is to use the identification model based on convolutional neural network to identify SCP traffic.Firstly,the identification of different protocols in SSH tunnel is discussed.This paper proposes a random forest identification model based on principal component analysis for feature dimensionality reduction.The model uses algorithms to select the optimal number of principal components to achieve data dimensionality reduction,and obtains the appropriate number of decision trees through the learning curve.This experiment compares the confusion matrix of the decision tree classifier which is excellent in SSH traffic identification and the random forest classifier proposed in this paper.Finally,this paper will verify the classification results of different algorithms before and after feature dimensionality reduction through comparative experiments to verify the advantages of random forest classifier in SSH encrypted tunnel traffic recognition.Secondly,in view of the problem that the identification precision is not enough in the research on traffic identification of encrypted tunnels,this paper proposes a model to identify SCP file replication traffic under SSH tunnels by convolutional neural network algorithm.his model takes advantage of the advantages of convolutional neural network in image processing,captures and processes SCP traffic by building an experimental environment,and then identification traffic through convolutional neural network.Finally,this paper will prove the advantages of convolutional neural network in the refined identification of SSH encrypted tunnel traffic by analyzing the confusion matrix of the recognition result of the convolutional neural network and the accuracy,precision,and recall of traffic recognition.