隐私保护的加密流量检测研究

doi:10.11959/j.issn.2096-109x.2021057

Abstract

Abstract:

Existing encrypted traffic detection technologies lack privacy protection for data and models, which will violate the privacy preserving regulations and increase the security risk of privacy leakage.A privacy-preserving encrypted traffic detection system was proposed.It promoted the privacy of the encrypted traffic detection model by combining the gradient boosting decision tree (GBDT) algorithm with differential privacy.The privacy-protected encrypted traffic detection system was designed and implemented.The performance and the efficiency of proposed system using the CICIDS2017 dataset were evaluated, which contained the malicious traffic of the DDoS attack and the port scan.The results show that when the privacy budget value is set to 1, the system accuracy rates are 91.7% and 92.4% respectively.The training and the prediction of our model is efficient.The training time of proposed model is 5.16 s and 5.59 s, that is only 2-3 times of GBDT algorithm.The prediction time is close to the GBDT algorithm.

Key words: privacy-preserving, encrypted traffic detection, gradient boosting decision tree, differential privacy

CLC Number:

TP393

Xinyu ZHANG, Bingsheng ZHANG, Quanrun MENG, Kui REN. Study on privacy preserving encrypted traffic detection[J]. Chinese Journal of Network and Information Security, 2021, 7(4): 101-113.

Figures/Tables 7

References 40

[1]	MC-GREW D , ANDERSON B . Enhanced telemetry for encrypted threat analytics[C]// 2016 IEEE 24th International Conference on Network Protocols (ICNP). 2016: 1-6.
[2]	VOIGT P , VON DEM BUSSCHE A . Practical implementation of the requirements under the GDPR[M]// The EU General Data Protection Regulation (GDPR). Cham: Springer International Publishing, 2017: 245-249.
[3]	BUKATY P . The CCPA[M]// The California Consumer Privacy Act (CCPA). IT Governance Publishing, 2019: 123-169.
[4]	王春晖 . 《网络安全法》六大法律制度解析[J]. 南京邮电大学学报:自然科学版, 2017,37(1): 1-13.
	WANG C H . Analysis of the six legal systems of Network Security Law[J]. Journal of Nanjing University of Posts and Telecommuni-cations:Natural Science Edition, 2017,37(1): 1-13.
[5]	洪延青, 葛鑫 . 国家标准《信息安全技术个人信息安全规范》修订解读[J]. 保密科学技术, 2019(6): 6.
	HONG Y Q , GE X . Information Security Technology Personal In-formation Security Specification revision interpretation[J]. Security Science and Technology, 2019(6): 6.
[6]	诸葛建伟, 韩心慧, 周勇林 ,等. 僵尸网络研究[J]. 软件学报, 2008,19(3): 702-715.
	ZHUGE J W , HAN X H , ZHOU Y L ,et al. Research and develop-ment of Botnets[J]. Journal of Software, 2008,19(3): 702-715.
[7]	CAO Z , XIONG G , ZHAO Y ,et al. A survey on encrypted trafficclassification[M]// Applications and Techniques in Information Security. Springer Berlin Heidelberg, 2014: 73-81.
[8]	KLEINBAUM D G , DIETZ K , GAIL M ,et al. Logistic regression[M]. Springer, 2002.
[9]	HO T K , . Random decision forests[C]// Proceedings of 3rd International Conference on Document Analysis and Recognition:Volume 1. 1995: 278-282.
[10]	FANG Y , QIU Y , LIU L ,et al. Detecting webshell based on random forest with fasttext[C]// Proceedings of the 2018International Conference on Computing and Artificial Intelligence. 2018: 52-56.
[11]	SI S , ZHANG H , KEERTHI S S ,et al. Gradient boosted decision trees for high dimensional sparse output[C]// Proceedings of the 34th International Conference on Machine Learning-Volume 70 (ICML’17). 2017: 3182-3190.
[12]	翟征德, 宗兆伟 . 针对DNS服务器的抗DDoS安全网关系统：中国,CN101572701B[P]. 2013-11-20.
	ZHAI Z D , ZONG Z W . Anti-DDoS security gateway system for DNS server[P]. 2013-11-20.
[13]	SHOKRI R , STRONATI M , SONG C ,et al. Membership inference attacks against machine learning models[C]// 2017 IEEE Symposium on Security and Privacy (SP). 2017: 3-18.
[14]	SWEENEY L . K-anonymity:a model for protecting privacy[J]. International Journal of Uncertainty,Fuzziness and Knowledge-Based Systems, 2002,10(5): 557-570.
[15]	MACHANAVAJJHALA A , KIFER D , GEHRKE J ,et al. l-diversity:privacy beyond k-anonymity[J]. ACM Transactions on Knowledge Discovery from Data (TKDD), 2007,1(1): 3.
[16]	DWORK C , . Differential privacy:a survey of results[C]// International Conference on Theory and Applications of Models of Computation. 2008: 1-19.
[17]	FRANK M , MIRONOV I . Differentially private recommender systems:building privacy into the net[C]// ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 2009: 627-636.
[18]	LI Q , WU Z , WEN Z ,et al. Privacy-preserving gradient boosting decision trees[C]// Proceedings of the AAAI Conference on Artificial Intelligence. 2020: 784-791.
[19]	KE G L , MENG Q , FINLEY T ,et al. LightGBM:a highly efficient gradient boosting decision tree[C]// Advances in Neural Information Processing Systems 30 (NIPS 2017). 2017: 3149-3157.
[20]	SHARAFALDIN I , LASHKARI A H , GHORBANI A A . Toward Generating a new intrusion detection dataset and intrusion traffic characterization[C]// 4th International Conference on Information Systems Security and Privacy (ICISSP). 2018.
[21]	LIU Z , WU Z , LI T ,et al. GMM and CNN hybrid method for short utterance speaker recognition[J]. IEEE Transactions on Industrial Informatics, 2018,14(7): 3244-3252.
[22]	KRIZHEVSKY A , SUTSKEVER I , HINTON G E . Imagenet classification with deep convolutional neural networks[J]. Advances in Communications of the ACM, 2012: 1097-1105.
[23]	MEIDAN Y , BOHADANA M , SHABTAI A ,et al. ProfilIoT:a machine learning approach for IoT device identification based on network traffic analysis[C]// Proceedings of the Symposium on Applied Computing. 2017: 506-509.
[24]	CHEN T , ZHONG S . Privacy-preserving backpropagation neural network learning[J]. IEEE Transactions on Neural Networks, 2009,20(10): 1554-1564.
[25]	ERKIN Z , VEUGEN T ,, TOFT T , LAGENDIJK R L . Generating private recommendations efficiently using homomorphic encryption and data packing[J]. IEEE Trans Inf Forensics Security, 2012,7(3): 1053-1066.
[26]	BOST R , POPA R ,, TU S , GOLDWASSER S . Machine learning classification over encrypted data[C]// NDSS. 2015:4325.
[27]	GILAD-BACHRACH R , DOWLIN N , LAINE K ,et al. Cryptonets:applying neural networks to encrypted data with high throughput and accuracy[C]// International Conference on Machine Learning. 2016: 201-210.
[28]	HESAMIFARD E , TAKABI H , GHASEMI M . CryptoDL:deep neural networks over encrypted data[J]. ArXiv preprint ArXiv:1711.05189, 2017.
[29]	MOHASSEL P , ZHANG Y . SecureML:a system for scalable privacy-preserving machine learning[C]// 2017 IEEE Symposium on Security and Privacy (SP). 2017: 19-38.
[30]	KONE?NY I , MCMAHAN H B , YU F X ,et al. Federated learning:Strategies for improving communication efficiency[J]. arXiv preprint arXiv:1610.05492, 2016.
[31]	MOHASSEL P , RINDAL P . ABY3:a mixed protocol framework for machine learning[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018: 35-52.
[32]	PATRA A , SURESH A . BLAZE:Blazing Fast Privacy-Preserving Machine Learning[J]. arXiv preprint arXiv:2005.09042, 2020.
[33]	DWORK C , TALWAR K , THAKURTA A ,et al. Analyze gauss:optimal bounds for privacy-preserving principal component analysis[C]// Proceedings of the Forty-sixth Annual ACM Symposium on Theory of Computing. 2014: 11-20.
[34]	HEIKKIL? M , LAGERSPETZ E , KASKI S ,et al. Differentially private Bayesian learning on distributed data[C]// Advances in Neural Information Processing Systems. 2017: 3226-3235.
[35]	HARDT M , PRICE E . The noisy power method:a meta algorithm with applications[C]// Advances in Neural Information Processing Systems. 2014: 2861-2869.
[36]	ABADI M , CHU A , GOODFELLOW I ,et al. Deep learning with differential privacy[C]// Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. 2016: 308-318.
[37]	CHAUDHURI K , MONTELEONI C . Privacy-preserving logistic regression[C]// Advances in Neural Information Processing Systems. 2009: 289-296.
[38]	CHAUDHURI K , SAR WATE D A , SINHA K . A near-optimal algorithm for differentially-private principal components[J]. Journal of Machine Learning Research, 2013,14(1): 2905-2943.
[39]	CHAUDHURI K , MONTELEONI C , SARWATE A D . Differentially private empirical risk minimization[J]. Journal of Machine Learning Research, 2011,12: 1069-1109.
[40]	ZHANG J , ZHANG Z , XIAO X ,et al. Functional mechanism:regression analysis under differential privacy[J]. arXiv preprint arXiv:1208.0219, 2012.

Metrics

Recommended 0

No Suggested Reading articles found!

序号	数据集名称	恶意流量类型	良性流量总数	恶意流量总数
1	Friday-WorkingHours-Afternoon-DDos.pcap	DDoS	97 717	128 027
2	Friday-WorkingHours-Afternoon-PortScan.pcap	Port scan	127 536	158 930

n_tree	DDoS		PortScan
n_tree	DP-GBDT	GBDT	DP-GBDT	GBDT
20	3.19	1.97	3.70	2.34
50	5.11	2.31	5.59	2.77
100	9.77	2.94	9.69	3.59

DDoS			PortScan
DP-GBDT0.0409	GBDT0.0414		DP-GBDT0.0522	GBDT0.0525

Study on privacy preserving encrypted traffic detection

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 40

Related Articles 15

Metrics

Recommended 0

[1]	Feng YU, Qingxin LIN, Hui LIN, Xiaoding WANG. Privacy-enhanced federated learning scheme based on generative adversarial networks [J]. Chinese Journal of Network and Information Security, 2023, 9(3): 113-122.
[2]	Zuobin YING, Yichen FANG, Yiwen ZHANG. Privacy-preserving federated learning framework with dynamic weight aggregation [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 56-65.
[3]	Qianxin CHEN, Renwan BI, Jie LIN, Biao JIN, Jinbo XIONG. Privacy-preserving federated learning framework with irregular-majority users [J]. Chinese Journal of Network and Information Security, 2022, 8(1): 139-150.
[4]	Fuyuan SONG, Zheng QIN, Jixin ZHANG, Yu LIU. Efficient and secure multi-user outsourced image retrieval scheme with access control [J]. Chinese Journal of Network and Information Security, 2021, 7(5): 29-39.
[5]	Mingfeng ZHAO, Chen LEI, Yang ZHONG, Jinbo XIONG. Dynamic privacy measurement model and evaluation system for mobile edge crowdsensing [J]. Chinese Journal of Network and Information Security, 2021, 7(1): 157-166.
[6]	Yu ZHANG,Xixiang LYU,Yucong ZOU,Yige LI. Differentially private sequence generative adversarial networks for data privacy masking [J]. Chinese Journal of Network and Information Security, 2020, 6(4): 109-119.
[7]	Xianmang HE. Multi-party summation query method based on differential privacy [J]. Chinese Journal of Network and Information Security, 2020, 6(3): 14-18.
[8]	Lei YANG,Xiao ZHENG,Wei ZHAO. Non-equal-width histogram publishing method based on differential privacy [J]. Chinese Journal of Network and Information Security, 2020, 6(3): 39-49.
[9]	Hui LIU,Renwan BI,Jinbo XIONG,Mingfeng ZHAO,Biao JIN,Jie LIN. Fog-aided identity privacy protection scheme for sensing users in mobile crowd sensing [J]. Chinese Journal of Network and Information Security, 2019, 5(6): 75-84.
[10]	Ying WU,Xuan LI,Biao JIN,Rongrong JIN. Survey on the privacy-preserving content based image retrieval [J]. Chinese Journal of Network and Information Security, 2019, 5(4): 14-28.
[11]	Senyou LI,Xinsheng JI,Wei YOU. Research on differential privacy protection parameter configuration method based on confidence level [J]. Chinese Journal of Network and Information Security, 2019, 5(4): 29-39.
[12]	Zijian BAO,Qinghao WANG,Yongxin ZHANG,Bin WANG,Ning LU,Wenbo SHI. Regulatory Bitcoin privacy-preserving mixing service [J]. Chinese Journal of Network and Information Security, 2019, 5(4): 40-51.
[13]	Peng GUO, Shangping ZHONG, Kaizhi CHEN, Hang CHENG. Adaptive selection method of differential privacy GAN gradient clipping thresholds [J]. Chinese Journal of Network and Information Security, 2018, 4(5): 10-20.
[14]	Jun REN,Jin-bo XIONG,Zhi-qiang YAO. Security control scheme for cloud data copy based on differential privacy model [J]. Chinese Journal of Network and Information Security, 2017, 3(5): 38-46.
[15]	Jian-qiong HE,You-liang TIAN,Kai ZHOU. Provably secure social network privacy-preserving scheme [J]. Chinese Journal of Network and Information Security, 2016, 2(8): 62-67.