基于SSL协议的数据流的识别与分类技术研究

发布时间：2018-03-30 09:29

本文选题：协议识别　切入点：数据流分类　出处：《北京邮电大学》2014年硕士论文

【摘要】：随着计算机网络技术的发展,互联网规模迅速增长,各种各样的网络新服务不断出现,安全性问题也在不断升级。网络管理人员需要知道用户的上网行为来为用户提供更好的带宽请求和服务质量,网络服务提供商需要了解网络服务的发展情况来提出对未来网络应用发展策略,科研学者需要研究网络资源规划以及网络传输标准,这些都离不开网络数据流识别与分类技术。SSL协议提供了对网络传输数据的加密支持,目前的数据流识别与分类算法都是基于端口或者负载内容,这就为识别SSL数据流并对其承载的网络服务分类带来了严峻挑战。本文的研究工作主要包括以下几个方面： 1.首先,本文对传统的数据流分类算法及加密数据流分类算法进行深入研究,提出基于SSL协议自身行为特征的机器学习数据流分类方法。 2.然后本文通过研究SSL协议的工作原理及网络交互行为,给出了通用的SSL协议特征的提取方法,在理论上完成了对SSL协议特征识别的可计算模型,并通过实验验证该方法的正确性。 3.再后通过分析几种常用的机器学习分类算法,对比各个分类算法的分类准确率以及分类速度等因素,最终选取各方面表现优异的决策树算法作为本文的分类算法。 4.最后,结合已有平台,设计并实现了一个针对SSL协议的数据流识别与分类系统,通过采集数据测试,结果显示该系统分类准确率达到90%以上；最后通过对系统的优化,使系统能够在高速网络环境中对SSL数据流的分类达到满意的效果。
[Abstract]:With the development of computer network technology, the scale of the Internet is growing rapidly, and a variety of new network services are emerging. Security issues are also escalating. Network managers need to know how users surf the Internet to provide users with better bandwidth requests and quality of service. Network service providers need to understand the development of network services to put forward the development strategy of future network applications, researchers need to study network resource planning and network transmission standards. These are inseparable from the network data stream identification and classification technology. SSL protocol provides encryption support for network data transmission. The current data stream identification and classification algorithms are based on port or load content. This brings a severe challenge to identify the SSL data stream and classify the network services it carries. The research work of this paper mainly includes the following aspects:. 1. Firstly, the traditional data stream classification algorithm and the encryption data stream classification algorithm are deeply studied in this paper, and a machine learning data stream classification method based on the behavior characteristics of SSL protocol is proposed. 2. Then, by studying the working principle of SSL protocol and network interaction behavior, a general feature extraction method of SSL protocol is given, and the computable model for feature recognition of SSL protocol is completed theoretically. The correctness of the method is verified by experiments. 3. Then, by analyzing several commonly used machine learning classification algorithms, comparing the classification accuracy and classification speed of each classification algorithm, the decision tree algorithm with excellent performance in all aspects is selected as the classification algorithm in this paper. 4. Finally, a data stream recognition and classification system for SSL protocol is designed and implemented based on the existing platform. The results show that the classification accuracy of the system is over 90%, and the system is optimized. The system can classify the SSL data stream in the high speed network environment to achieve satisfactory results.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.04

【参考文献】