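Computer and Modernization ›› 2021, Vol. 0 ›› Issue (08): 112-120.
Published: 2021-08-19
Online: 2021-08-19
About the author:
LENG Tao (born 1986), male, from Luzhou, Sichuan; lecturer and doctoral candidate. Research interests: encrypted traffic measurement, APT attack detection. E-mail: 461976271@qq.com.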
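Abstract: In recent years, to protect public privacy, much Internet traffic has been transmitted in encrypted form, and the accuracy of traditional methods based on deep packet inspection and machine learning drops sharply when they are applied to encrypted traffic. With the application of deep learning's automatic feature learning, encrypted traffic identification and classification techniques based on deep learning algorithms have developed rapidly; this paper surveys that research. First, the application scenarios of deep-learning-based encrypted traffic detection are briefly introduced. Then, existing work is summarized and evaluated from three aspects: the use and construction of datasets, detection models, and detection performance. The discussion of detection techniques focuses on data preprocessing, handling of imbalanced datasets, neural network construction, and real-time detection. Finally, the problems arising in current research and the future directions and prospects are discussed, to provide a reference for researchers in this field.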
LENG Tao. A Survey of Encrypted Traffic Classification Based on Deep Learning[J]. Computer and Modernization, 2021, 0(08): 112-120.