1. Encrypted traffic identification scheme based on sliding window and randomness features
- Author
-
Jiachi LIU, Boyu KUANG, Mang SU, Yaqian XU, Anmin FU
- Subjects
encrypted traffic ,compressed traffic ,random feature ,sliding sampling ,Electronic computers. Computer science ,QA75.5-76.95 - Abstract
With the development of information technology, network security has increasingly become a focal point for users and organizations, and encrypted data transmission has gradually become mainstream. This trend has driven the proportion of encrypted traffic on the Internet to rise continuously. However, data encryption, while ensuring privacy and security, has also become a means for illegal content to evade network supervision. To achieve the detection and analysis of encrypted traffic, it has become necessary to efficiently identify encrypted traffic. However, the presence of compressed traffic has significantly interfered with the identification of encrypted traffic. To address this issue, an encrypted traffic identification scheme based on sliding windows and randomness features was designed to efficiently and accurately identify encrypted traffic. Specifically, the scheme involved sampling the payloads of data packets in sessions using a sliding window mechanism to obtain data block sequences that reflect the information patterns of the original traffic. For each data block, randomness measurement algorithms were utilized to extract sample features and construct randomness features for the original payload. Additionally, a decision tree model based on the CART algorithm was designed, which significantly improved the accuracy of identifying encrypted and compressed traffic and greatly reduced the false negative rate for encrypted traffic identification. A balanced dataset was constructed by randomly sampling data from several authoritative websites, and experiments demonstrated the feasibility and efficiency of the proposed scheme.
- Published
- 2024
- Full Text
- View/download PDF