Research On Classification Methods Of Encrypted Network Traffic Based On Computer Vision

Traffic classification can accurately describe the behavior patterns of network users,and realize dynamic management of network resources and improvement of utilization.With the popularization of Internet applications,personal privacy and information security have gradually attracted attention,and the widespread use of network security protocols makes most traffic appear in the form of ciphertext.Traffic is processed through different encryption technologies and the payload cannot be analyzed without sufficient information.The statistical characteristics of encrypted traffic have a certain randomness.Because of the above characteristics,traditional traffic classification methods cannot effectively complete the classification task,so the existing research focuses on encrypted traffic classification.Different from the traditional method of using raw encrypted traffic data to design deep learning networks for data extraction and classification,the visual-based encrypted network traffic classification converts encrypted traffic into images,which are used as the classification basis to ensure data security and privacy to a large extent.A simple and effective image classification algorithm can improve the classification accuracy and reduce the time required for classification.The existing research on vision-based encrypted traffic classification mainly has two problems: low accuracy of known encrypted traffic classification and inefficient classification of unknown application traffic classification.In order to solve the above problems,this thesis proposes two solutions: the high precision identification method of encrypted traffic based on image and the classification method of unknown encrypted traffic based on open set recognition.In view of the existing vision-based encrypted traffic classification methods,the limited selection of features in the process of generating encrypted traffic images leads to the low accuracy of encrypted traffic classification.In this thesis,a high precision identification method of encrypted traffic based on image is proposed,and the image generation method of encrypted traffic based on characterization of time,space and protocol features is studied.An improved LENet-5 encryption traffic recognition model based on convolutional neural network is designed.Experimental results show that the classification accuracy of conventional encrypted traffic behavior is improved by 4.2% and the application classification accuracy is up to 99.7% in the ISCX open data set classification.Aiming at the problem of poor classification effectiveness caused by the complexity of model construction in the classification of unknown encrypted traffic by the existing methods.In this thesis,an unknown encrypted traffic classification method based on open set recognition is proposed.Computer vision open set recognition is introduced into the field of encrypted traffic classification to quickly extract unknown traffic types.An unknown encrypted traffic classification algorithm based on K-means clustering is designed,and the classification model is updated by transfer learning.Theoretical analysis and experimental results show that the proposed method is feasible and real-time in different application scenarios.Based on the above research techniques and methods,a set of encrypted traffic analysis system Traffic Class based on data visualization is designed and implemented,which implements the modules of encrypted traffic upload,classification demand selection,behavior analysis,application analysis and so on.The system can complete the data analysis of encrypted traffic according to the user’s choice,and realize the visualization of classification results.The system supports traffic monitoring in application scenarios such as data center operation and maintenance and community platform.