本文選題：協(xié)議識別　切入點：數(shù)據(jù)流分類　出處：《北京郵電大學(xué)》2014年碩士論文

【摘要】：隨著計算機(jī)網(wǎng)絡(luò)技術(shù)的發(fā)展,互聯(lián)網(wǎng)規(guī)模迅速增長,各種各樣的網(wǎng)絡(luò)新服務(wù)不斷出現(xiàn),安全性問題也在不斷升級。網(wǎng)絡(luò)管理人員需要知道用戶的上網(wǎng)行為來為用戶提供更好的帶寬請求和服務(wù)質(zhì)量,網(wǎng)絡(luò)服務(wù)提供商需要了解網(wǎng)絡(luò)服務(wù)的發(fā)展情況來提出對未來網(wǎng)絡(luò)應(yīng)用發(fā)展策略,科研學(xué)者需要研究網(wǎng)絡(luò)資源規(guī)劃以及網(wǎng)絡(luò)傳輸標(biāo)準(zhǔn),這些都離不開網(wǎng)絡(luò)數(shù)據(jù)流識別與分類技術(shù)。SSL協(xié)議提供了對網(wǎng)絡(luò)傳輸數(shù)據(jù)的加密支持,目前的數(shù)據(jù)流識別與分類算法都是基于端口或者負(fù)載內(nèi)容,這就為識別SSL數(shù)據(jù)流并對其承載的網(wǎng)絡(luò)服務(wù)分類帶來了嚴(yán)峻挑戰(zhàn)。 本文的研究工作主要包括以下幾個方面： 1.首先,本文對傳統(tǒng)的數(shù)據(jù)流分類算法及加密數(shù)據(jù)流分類算法進(jìn)行深入研究,提出基于SSL協(xié)議自身行為特征的機(jī)器學(xué)習(xí)數(shù)據(jù)流分類方法。 2.然后本文通過研究SSL協(xié)議的工作原理及網(wǎng)絡(luò)交互行為,給出了通用的SSL協(xié)議特征的提取方法,在理論上完成了對SSL協(xié)議特征識別的可計算模型,并通過實驗驗證該方法的正確性。 3.再后通過分析幾種常用的機(jī)器學(xué)習(xí)分類算法,對比各個分類算法的分類準(zhǔn)確率以及分類速度等因素,最終選取各方面表現(xiàn)優(yōu)異的決策樹算法作為本文的分類算法。 4.最后,結(jié)合已有平臺,設(shè)計并實現(xiàn)了一個針對SSL協(xié)議的數(shù)據(jù)流識別與分類系統(tǒng),通過采集數(shù)據(jù)測試,結(jié)果顯示該系統(tǒng)分類準(zhǔn)確率達(dá)到90%以上；最后通過對系統(tǒng)的優(yōu)化,使系統(tǒng)能夠在高速網(wǎng)絡(luò)環(huán)境中對SSL數(shù)據(jù)流的分類達(dá)到滿意的效果。
[Abstract]:With the development of computer network technology, the scale of the Internet is growing rapidly, and a variety of new network services are emerging. Security issues are also escalating. Network managers need to know how users surf the Internet to provide users with better bandwidth requests and quality of service. Network service providers need to understand the development of network services to put forward the development strategy of future network applications, researchers need to study network resource planning and network transmission standards. These are inseparable from the network data stream identification and classification technology. SSL protocol provides encryption support for network data transmission. The current data stream identification and classification algorithms are based on port or load content. This brings a severe challenge to identify the SSL data stream and classify the network services it carries. The research work of this paper mainly includes the following aspects:. 1. Firstly, the traditional data stream classification algorithm and the encryption data stream classification algorithm are deeply studied in this paper, and a machine learning data stream classification method based on the behavior characteristics of SSL protocol is proposed. 2. Then, by studying the working principle of SSL protocol and network interaction behavior, a general feature extraction method of SSL protocol is given, and the computable model for feature recognition of SSL protocol is completed theoretically. The correctness of the method is verified by experiments. 3. Then, by analyzing several commonly used machine learning classification algorithms, comparing the classification accuracy and classification speed of each classification algorithm, the decision tree algorithm with excellent performance in all aspects is selected as the classification algorithm in this paper. 4. Finally, a data stream recognition and classification system for SSL protocol is designed and implemented based on the existing platform. The results show that the classification accuracy of the system is over 90%, and the system is optimized. The system can classify the SSL data stream in the high speed network environment to achieve satisfactory results.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號】：TP393.04

【參考文獻(xiàn)】

相關(guān)期刊論文 前6條

1 戚玉華;吳學(xué)智;頓新平;;高速網(wǎng)絡(luò)數(shù)據(jù)流分類系統(tǒng)[J];電子測量技術(shù);2006年05期

2 彭蕓;劉瓊;;Internet流分類方法的比較研究[J];計算機(jī)科學(xué);2007年08期

3 劉瓊;劉珍;黃敏;;基于機(jī)器學(xué)習(xí)的IP流量分類研究[J];計算機(jī)科學(xué);2010年12期

4 張學(xué)杰;李大興;;SSL技術(shù)在構(gòu)建VPN中的應(yīng)用[J];計算機(jī)應(yīng)用;2006年08期

5 ;Research of the traffic characteristics for the real time online traffic classification[J];The Journal of China Universities of Posts and Telecommunications;2011年03期

6 武飛;曾凡平;熊能;鄧超強(qiáng);董齊興;;基于啟發(fā)式搜索的IP數(shù)據(jù)流分類方法的研究[J];小型微型計算機(jī)系統(tǒng);2012年10期

相關(guān)博士學(xué)位論文 前1條

1 張劍;寬帶接入網(wǎng)流量識別關(guān)鍵技術(shù)研究[D];北京郵電大學(xué);2011年

，

本文編號：1685330