当前位置:
X-MOL 学术
›
Secur. Commun. Netw.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
CLD-Net: A Network Combining CNN and LSTM for Internet Encrypted Traffic Classification
Security and Communication Networks ( IF 1.968 ) Pub Date : 2021-06-18 , DOI: 10.1155/2021/5518460 Xinyi Hu 1, 2 , Chunxiang Gu 1, 2 , Fushan Wei 1, 2
Security and Communication Networks ( IF 1.968 ) Pub Date : 2021-06-18 , DOI: 10.1155/2021/5518460 Xinyi Hu 1, 2 , Chunxiang Gu 1, 2 , Fushan Wei 1, 2
Affiliation
The development of the Internet has led to the complexity of network encrypted traffic. Identifying the specific classes of network encryption traffic is an important part of maintaining information security. The traditional traffic classification based on machine learning largely requires expert experience. As an end-to-end model, deep neural networks can minimize human intervention. This paper proposes the CLD-Net model, which can effectively distinguish network encrypted traffic. By segmenting and recombining the packet payload of the raw flow, it can automatically extract the features related to the packet payload, and by changing the expression of the packet interval, it integrates the packet interval information into the model. We use the ability of Convolutional Neural Network (CNN) to distinguish image classes, learn and classify the grayscale images that the raw flow has been preprocessed into, and then use the effectiveness of Long Short-Term Memory (LSTM) network on time series data to further enhance the model’s ability to classify. Finally, through feature reduction, the high-dimensional features learned by the neural network are converted into 8 dimensions to distinguish 8 different classes of network encrypted traffic. In order to verify the effectiveness of the CLD-Net model, we use the ISCX public dataset to conduct experiments. The results show that our proposed model can distinguish whether the unknown network traffic uses Virtual Private Network (VPN) with an accuracy of 98% and can accurately identify the specific traffic (chats, audio, or file) of Facebook and Skype applications with an accuracy of 92.89%.
中文翻译:
CLD-Net:一种结合 CNN 和 LSTM 的网络,用于互联网加密流量分类
互联网的发展导致了网络加密流量的复杂性。识别特定类别的网络加密流量是维护信息安全的重要部分。传统的基于机器学习的流量分类需要专家经验。作为端到端模型,深度神经网络可以最大限度地减少人为干预。本文提出了CLD-Net模型,可以有效区分网络加密流量。通过对原始流的数据包净荷进行分段重组,自动提取与数据包净荷相关的特征,并通过改变数据包间隔的表达方式,将数据包间隔信息集成到模型中。我们利用卷积神经网络(CNN)的能力来区分图像类别,学习和分类原始流已经预处理成的灰度图像,然后利用长短期记忆(LSTM)网络对时间序列数据的有效性进一步增强模型的分类能力。最后,通过特征约简,将神经网络学习到的高维特征转化为8维,以区分8种不同类别的网络加密流量。为了验证CLD-Net模型的有效性,我们使用ISCX公共数据集进行实验。结果表明,我们提出的模型可以以 98% 的准确率区分未知网络流量是否使用虚拟专用网 (VPN),并且可以准确识别 Facebook 和 Skype 应用程序的特定流量(聊天、音频或文件)。 92.89%。
更新日期:2021-06-18
中文翻译:
CLD-Net:一种结合 CNN 和 LSTM 的网络,用于互联网加密流量分类
互联网的发展导致了网络加密流量的复杂性。识别特定类别的网络加密流量是维护信息安全的重要部分。传统的基于机器学习的流量分类需要专家经验。作为端到端模型,深度神经网络可以最大限度地减少人为干预。本文提出了CLD-Net模型,可以有效区分网络加密流量。通过对原始流的数据包净荷进行分段重组,自动提取与数据包净荷相关的特征,并通过改变数据包间隔的表达方式,将数据包间隔信息集成到模型中。我们利用卷积神经网络(CNN)的能力来区分图像类别,学习和分类原始流已经预处理成的灰度图像,然后利用长短期记忆(LSTM)网络对时间序列数据的有效性进一步增强模型的分类能力。最后,通过特征约简,将神经网络学习到的高维特征转化为8维,以区分8种不同类别的网络加密流量。为了验证CLD-Net模型的有效性,我们使用ISCX公共数据集进行实验。结果表明,我们提出的模型可以以 98% 的准确率区分未知网络流量是否使用虚拟专用网 (VPN),并且可以准确识别 Facebook 和 Skype 应用程序的特定流量(聊天、音频或文件)。 92.89%。
京公网安备 11010802027423号