网络与信息安全学报 ›› 2023, Vol. 9 ›› Issue (1): 32-41.doi: 10.11959/j.issn.2096-109x.2023007
史国振1, 李昆阳1, 刘瑶2, 杨永健1
修回日期:
2022-12-04
出版日期:
2023-02-25
发布日期:
2023-02-01
作者简介:
史国振(1974- ),男,河南济源人,北京电子科技学院教授、博士生导师,主要研究方向为网络与系统安全、嵌入式系统基金资助:
Guozhen SHI1, Kunyang LI1, Yao LIU2, Yongjian YANG1
Revised:
2022-12-04
Online:
2023-02-25
Published:
2023-02-01
Supported by:
摘要:
随着用户安全意识的提高和加密技术的发展,加密流量已经成为网络流量中的重要部分,识别加密流量成为网络流量监管的重要部分。基于传统深度学习模型的加密流量识别方法存在效果差、模型训练时间长等问题。针对上述问题,提出了一种基于深度残差胶囊网络模型(DRCN,deep residual capsule network)的加密流量识别方法。原始胶囊网络通过全连接形式堆叠导致模型耦合系数变小,无法搭建深层网络模型。针对上述问题,DRCN模型采用三维卷积算法(3DCNN)动态路由算法代替全连接动态路由算法,减少了每个胶囊层之间传递的参数,降低了运算复杂度,进而构建深层胶囊网络,提高识别的准确率和效率;引入通道注意力机制为不同的特征赋予不同的权重,减少无用特征对识别结果的影响,进一步增强模型特征提取能力;将残差网络引入胶囊网络层,搭建残差胶囊网络模块缓解了深度胶囊网络的梯度消失问题。在数据预处理方面,截取的数据包前784byte,将截取的字节转化成图像输入到DRCN模型中,该方法避免了人工特征提取,减少了加密流量识别的人工成本。在ISCXVPN2016数据集上的实验结果表明,与效果最好的BLSTM模型相比,DRCN模型的准确率提高了5.54%,模型的训练时间缩短了232s。此外,在小数据集上,DRCN模型准确率达到了94.3%。上述实验结果证明,所提出的识别方案具有较高的识别率、良好的性能和适用性。
中图分类号:
史国振, 李昆阳, 刘瑶, 杨永健. 基于深度残差胶囊网络与注意力机制的加密流量识别方法[J]. 网络与信息安全学报, 2023, 9(1): 32-41.
Guozhen SHI, Kunyang LI, Yao LIU, Yongjian YANG. Encrypted traffic identification method based on deep residual capsule network with attention mechanism[J]. Chinese Journal of Network and Information Security, 2023, 9(1): 32-41.
[1] | AHMED M , MAHMOOD A N , HU J . A survey of network anomaly detection techniques[J]. Journal of Network & Computer Applications, 2016,60: 19-31. |
[2] | DAINOTTI A , PESCAPE A , CLAFFY K C . Issues and future directions in traffic classification[J]. IEEE Network, 2012,26(1): 35-40. |
[3] | LUFT S J , CHIANG P . Network element architecture for deep packet inspection:US,US7719966 B2[P]. 2010. |
[4] | ESTE A , GRINGOLI F , SALGARELLI L . Support vector machines for TCP traffic classification[J]. Computer Networks, 2009,53(14): 2476-2490. |
[5] | KHONDOKE R , RAHAMATULLAH M . Interactive traffic class prioritization and radio link condition diversification techniques for efficient utilization of MMS and WAP services[J]. Chemical Communications, 2012,48(98): 11960-11962. |
[6] | QIU C , XU H , BAO Y . Modified-DBSCAN clustering for identifying traffic accident prone locations[C]// International Conference on Intelligent Data Engineering and Automated Learning. 2016: 99-105. |
[7] | WEI W , MING Z , WANG J ,et al. End-to-end encrypted traffic classification with one-dimensional convolution neural networks[C]// 2017 IEEE International Conference on Intelligence and Security Informatics (ISI). 2017. |
[8] | SHAPIRA T , SHAVITT Y . FlowPic:encrypted internet traffic classification is as easy as image recognition[C]// IEEE INFOCOM 2019 - IEEE Conference on Computer Communications Workshops. 2019. |
[9] | REN X , GU H , WEI W . Tree-RNN:tree structural recurrent neural network for network traffic classification[J]. Expert Systems with Applications, 2021,167(1): 114363. |
[10] | XIAO X , XIAO W , LI R ,et al. EBSNN:extended byte segment neural network for network traffic classification[J]. IEEE Transactions on Dependable and Secure Computing, 2021(1). |
[11] | YAO H , LIU C , ZHANG P ,et al. Identification of encrypted traffic through attention mechanism based long short term memory[J]. IEEE Trans Big Data, 2022,8(1): 241-252. |
[12] | ZOU Z , GE J , ZHENG H ,et al. Encrypted traffic classification with a convolutional long short-term memory neural network[C]// 2018 IEEE 20th International Conference on High Performance Computing and Communications; IEEE 16th International Conference on Smart City,IEEE 4th International Conference on Data Science and Systems (HPCC/SmartCity/DSS). 2018: 329-334. |
[13] | SABOUR S , FROSST N , HINTON G E . Dynamic routing between capsules[C]// Proceedings of the 31st International Conference on Neural Information Processing Systems. 2017: 3859-3869. |
[14] | RAJASEGARAN J , JAYASUNDARA V , JAYASEKARA S ,et al. Deepcaps:going deeper with capsule networks[C]// Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 2019: 10725-10733. |
[15] | VENKATARAMAN S R , BALASUBRAMANIAN S , SARMA R R . Building deep equivariant capsule networks[C]// International Conference on Learning Representations. 2019. |
[16] | SRIVASTAVA R K , GREFF K , SCHMIDHUBER J . Training very deep networks[C]// Proceedings of the 28th International Conference on Neural Information Processing Systems-Volume 2. 2015: 2377-2385. |
[17] | 骆子铭, 许书彬, 刘晓东 . 基于机器学习的 TLS 恶意加密流量检测方案[J]. 网络与信息安全学报, 2020,6(1): 77-83. |
LUO Z M , XU S B , LIU X D . Scheme for identifying malware traffic with TLS data based on machine learning[J]. Chinese Journal of Network and Information Security, 2020,6(1): 77-83. | |
[18] | 翟明芳, 张兴明, 赵博 . 基于深度学习的加密恶意流量检测研究[J]. 网络与信息安全学报, 2020,6(3): 66-77. |
ZHAI M F , ZHANG X M , ZHAO B . Survey of encrypted malicious traffic detection based on deep learning[J]. Chinese Journal of Network and Information Security, 2020,6(3): 66-77. | |
[19] | HU J , SHEN L , SUN G . Squeeze-and-excitation networks[C]// Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 2018: 7132-7141. |
[20] | TRAN D , BOURDEV L , FERGUS R ,et al. Learning spatiotemporal features with 3d convolutional networks[C]// Proceedings of the IEEE International Conference on Computer Vision. 2015: 4489-4497. |
[21] | HE K , ZHANG X , REN S ,et al. Deep residual learning for image recognition[C]// Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 2016: 770-778. |
[22] | DRAPER-GIL G , LASHKARI A H , MAMUN M S I ,et al. Characterization of encrypted and VPN traffic using time-related[C]// Proceedings of the 2nd International Conference on Information Systems Security and Privacy (ICISSP). 2016: 407-414. |
[1] | 陈先意, 顾军, 颜凯, 江栋, 许林峰, 付章杰. 针对车牌识别系统的双重对抗攻击[J]. 网络与信息安全学报, 2023, 9(3): 16-27. |
[2] | 叶天鹏, 林祥, 李建华, 张轩凯, 许力文. 面向雾计算的个性化轻量级分布式网络入侵检测系统[J]. 网络与信息安全学报, 2023, 9(3): 28-37. |
[3] | 祖立军, 曹雅琳, 门小骅, 吕智慧, 叶家炜, 李泓一, 张亮. 基于隐私风险评估的脱敏算法自适应方法[J]. 网络与信息安全学报, 2023, 9(3): 49-59. |
[4] | 夏锐琪, 李曼曼, 陈少真. 基于机器学习的分组密码结构识别[J]. 网络与信息安全学报, 2023, 9(3): 79-89. |
[5] | 袁静怡, 李子川, 彭国军. EN-Bypass:针对邮件代发提醒机制的安全评估方法[J]. 网络与信息安全学报, 2023, 9(3): 90-101. |
[6] | 余锋, 林庆新, 林晖, 汪晓丁. 基于生成对抗网络的隐私增强联邦学习方案[J]. 网络与信息安全学报, 2023, 9(3): 113-122. |
[7] | 朱春陶, 尹承禧, 张博林, 殷琪林, 卢伟. 基于多域时序特征挖掘的伪造人脸检测方法[J]. 网络与信息安全学报, 2023, 9(3): 123-134. |
[8] | 李晓萌, 郭玳豆, 卓训方, 姚恒, 秦川. 载体独立的抗屏摄信息膜叠加水印算法[J]. 网络与信息安全学报, 2023, 9(3): 135-149. |
[9] | 蔡召, 荆涛, 任爽. 以太坊钓鱼诈骗检测技术综述[J]. 网络与信息安全学报, 2023, 9(2): 21-32. |
[10] | 潘雁, 林伟, 祝跃飞. 渐进式的协议状态机主动推断方法[J]. 网络与信息安全学报, 2023, 9(2): 81-93. |
[11] | 杨盼, 康绯, 舒辉, 黄宇垚, 吕小少. 基于函数摘要的二进制程序污点分析优化方法[J]. 网络与信息安全学报, 2023, 9(2): 115-131. |
[12] | 肖天, 江智昊, 唐鹏, 黄征, 郭捷, 邱卫东. 基于深度强化学习的高性能导向性模糊测试方案[J]. 网络与信息安全学报, 2023, 9(2): 132-142. |
[13] | 袁承昊, 李勇, 任爽. 多关键词动态可搜索加密方案[J]. 网络与信息安全学报, 2023, 9(2): 143-153. |
[14] | 侯泽洲, 任炯炯, 陈少真. 基于神经网络区分器的SIMON-like算法参数安全性评估[J]. 网络与信息安全学报, 2023, 9(2): 154-163. |
[15] | 郭学镜, 方毅翔, 赵怡, 张天助, 曾文超, 王俊祥. 基于传统引导机制的深度鲁棒水印算法[J]. 网络与信息安全学报, 2023, 9(2): 175-183. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||
|