SSH隧道下应用协议识别的网络安全研究
投稿时间:2018-05-17  修订日期:2018-05-23  点此下载全文
引用本文:
摘要点击次数: 167
全文下载次数: 0
作者单位邮编
麦兴宾* 国网西藏信通公司 西藏拉萨 850000 850000
中文摘要:随着互联网技术在近年来迅猛发展,网络用户量也在不断攀升,导致网络流量日益庞大。网络流量和网络中各种应用协议数据报文的高速增长,使得骨干网络中流量增大、协议类型繁杂,严重影响网络整体速率,同时也给网络监管带来极大不便。为了减少网络安全风险,过滤网络中存在的非法应用及内容,需要对网络中的流量进行精细化的识别分类。本文使用卷积神经网络算法识别SSH隧道流量,提出两阶段模型对SSH流量进行精细化识别的方法,设计并实现了网络流量识别的总体结构。通过Keras框架和Tensorflow后台搭建的卷积神经网络模型,最终识别率达到93%。
中文关键词:流量识别  卷积神经网络  网络安全  深度学习
 
Research on Network Security of Application Protocol Identification under SSH Tunnel
Abstract:With the rapid development of Internet technology in recent years, the number of users in the network is also on the rise, resulting in an increasingly large network traffic. Network traffic and the rapid growth of various application protocol data messages in the network increase the traffic in the backbone network and complicate the protocol types, which seriously affect the overall network rate and bring great inconvenience to network supervision. In order to reduce the risk of network security and filter the illegal applications and contents existing in the network, the traffic classification in the network needs to be refined and classified. In this paper, convolutional neural network algorithm is used to identify SSH tunnel traffic. A two-phase model is proposed to fine-tune SSH traffic. The overall structure of network traffic identification is designed and implemented. The convolutional neural network model built by Keras framework and Tensorflow back end achieves a final recognition rate of 93%.
keywords:traffic identification  convolution neural network  cyber security  deep learning
查看全文   查看/发表评论   下载pdf阅读器