Chinese Journal of Network and Information Security ›› 2021, Vol. 7 ›› Issue (4): 101-113. doi: 10.11959/j.issn.2096-109x.2021057

• Column II: Cryptographic Technology and Applications •

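Research on privacy-preserving encrypted traffic detection

Xinyu ZHANG, Bingsheng ZHANG, Quanrun MENG, Kui REN

  1. School of Cyber Science and Technology, Zhejiang University, Hangzhou 310000, Zhejiang, China
  • Revised: 2020-09-22 Publication date: 2021-08-15 Release date: 2021-08-01
  • About the authors: Xinyu ZHANG (1997− ), female, born in Zhuji, Zhejiang, Ph.D. candidate at Zhejiang University; main research interests: artificial intelligence security and data security
    Bingsheng ZHANG (1984− ), male, born in Hangzhou, Zhejiang, research professor and doctoral supervisor at Zhejiang University; main research interests: cryptography, secure multi-party computation, zero-knowledge proofs, blockchain security and data security
    Quanrun MENG (1994− ), male, born in Xinxiang, Henan, master's student at Zhejiang University; main research interest: data security
    Kui REN (1978− ), male, born in Chaohu, Anhui, professor and doctoral supervisor at Zhejiang University; main research interests: data security in cloud computing, security of outsourced computation services, wireless system security, privacy protection, and Internet of Things systems and security
  • Funding:
    The National Natural Science Foundation of China (62032021); Zhejiang Key R&D Plan (2019C03133); Alibaba-Zhejiang University Joint Institute of Frontier Technologies, Research Institute of Cyberspace Governance in Zhejiang University, Leading Innovative and Entrepreneur Team Introduction Program of Zhejiang (2018R01005); 2020 Open Project of the National Engineering Laboratory of Mobile Internet System and Application Security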

Study on privacy preserving encrypted traffic detection

Xinyu ZHANG, Bingsheng ZHANG, Quanrun MENG, Kui REN   

  1. School of Cyber Science and Technology, Zhejiang University, Hangzhou 310000, China
  • Revised: 2020-09-22 Online: 2021-08-15 Published: 2021-08-01
  • Supported by:
    The National Natural Science Foundation of China (62032021); Zhejiang Key R&D Plan (2019C03133); Alibaba-Zhejiang University Joint Institute of Frontier Technologies, Research Institute of Cyberspace Governance in Zhejiang University, Leading Innovative and Entrepreneur Team Introduction Program of Zhejiang (2018R01005); 2020 Open Project of the National Engineering Laboratory of Mobile Internet System and Application Security

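Abstract:

Existing encrypted traffic detection techniques lack privacy protection for data and models, which not only violates privacy protection laws and regulations but also leads to serious leakage of sensitive information. This paper studies an encrypted traffic detection model based on the gradient boosting decision tree (GBDT) algorithm and, combining it with differential privacy, designs and implements a privacy-preserving encrypted traffic detection system. Malicious traffic from DDoS attacks and port scans is detected on the CICIDS2017 dataset, and the performance of the system is tested. The experimental results show that when the privacy budget ε is set to 1, the traffic identification accuracy on the two datasets is 91.7% and 92.4% respectively, and the training and prediction efficiency of the model is high: the training times are 5.16 s and 5.59 s, only 2~3 times that of the GBDT algorithm, and the prediction time is close to that of the GBDT algorithm, achieving a balance between system security and usability.

Keywords: privacy protection, encrypted traffic detection, gradient boosting decision tree, differential privacy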

Abstract:

Existing encrypted traffic detection technologies lack privacy protection for data and models, which violates privacy-preserving regulations and increases the security risk of privacy leakage. A privacy-preserving encrypted traffic detection system is proposed. It improves the privacy of the encrypted traffic detection model by combining the gradient boosting decision tree (GBDT) algorithm with differential privacy. The privacy-preserving encrypted traffic detection system was designed and implemented. The performance and efficiency of the proposed system were evaluated on the CICIDS2017 dataset, which contains malicious traffic from DDoS attacks and port scans. The results show that when the privacy budget is set to 1, the system's accuracy rates are 91.7% and 92.4% respectively. Training and prediction with the model are efficient. The training times of the proposed model are 5.16 s and 5.59 s, only 2-3 times that of the GBDT algorithm. The prediction time is close to that of the GBDT algorithm.

Key words: privacy-preserving, encrypted traffic detection, gradient boosting decision tree, differential privacy
