Research On Application Awareness Algorithm In Encrypted Traffic

Traffic encryption is a commonly used technology to protect Internet privacy at present.However,this technology also makes malicious traffic such as viruses and Trojans hidden in the network more hidden.In order to improve the quality of network service and realize network traffic control,encrypted traffic classification perception has become a hot topic of current research.In this thesis,the commonly used TLS(Transport Layer Security)encrypted traffic and VPN(Virtual Private Network)traffic are taken as the research objects to carry out the corresponding research on the application awareness algorithm.The specific work is as follows:(1)Aiming at the problem of low recognition accuracy in the current TLS encrypted You Tube video traffic,a refined recognition method for encrypted You Tube video traffic was proposed.Firstly,a fast and effective feature extraction method is designed.By extracting the time stamp of the transmission process and the packet length of the corresponding time transmission,the first T period of traffic transmission is divided into N parts and the total length of each transmitted packet is calculated,which is regarded as the effective feature.At the same time,in order to improve the recognition accuracy,an integrated classification model is designed.Experimental results show that the proposed method is better than the existing models in traffic identification under encryption application,and the average accuracy and recall rates are 98.01% and 98.10%,respectively.(2)Aiming at the difficulty in extracting the valid features of VPN encrypted traffic and realizing high accuracy identification,this thesis proposes a traffic identification method based on attention residuals network.The proposed method firstly preprocesses the traffic data into a format suitable for convolutional neural network input,then designs the residual network module,and implements the model acceleration training by using the transfer learning method.Finally,channel and spatial attention mechanism are introduced to further improve the recognition ability of the model.The proposed method solves the difficult problem of feature extraction in traditional machine learning and realizes high accuracy recognition.Experimental results show that the recognition accuracy of the proposed method is 99.98%.(3)With the improvement of traffic identification requirements,it is necessary to further identify the specific applications of VPN encrypted traffic carrying capacity.This thesis designs and implements the application identification method of VPN traffic encryption based on Stacking.In this method,the output results of the low-level machine learning model are taken as the feature input of the high-level model by the way of model cascade,and the model cascade is realized by the way of feature transformation,and each layer needs to carry out feature transformation on the test set to adapt to the model input.The experimental results show that the average accuracy of the recognition model is 99.78%,and the F1-score is 99.98%.Finally,the thesis is summarized and the future research direction is pointed out.