基于人工蜂群算法的Tor流量在线识别方法

doi:10.19678/j.issn.1000-3428.0059492

计算机工程 ›› 2021, Vol. 47 ›› Issue (11): 129-135,143. doi: 10.19678/j.issn.1000-3428.0059492

基于人工蜂群算法的Tor流量在线识别方法

梁晓萌¹, 严明^1,2, 吴杰^1,2

1. 复旦大学计算机科学技术学院, 上海 200433;
2. 教育部网络信息安全审计与监控工程研究中心, 上海 200433

收稿日期:2020-09-10 修回日期:2020-11-17 发布日期:2020-12-04
作者简介:梁晓萌(1996-),女,硕士研究生,主研方向为信息安全;严明(通信作者),工程师、硕士;吴杰,研究员、博士。
基金资助:
国家重点研发计划（2017YFB0803203）。

Tor Traffic Online Identification Method Based on Artificial Bee Colony Algorithm

LIANG Xiaomeng¹, YAN Ming^1,2, WU Jie^1,2

1. School of Computer Science, Fudan University, Shanghai 200433, China;
2. Engineering Research Center of Cyber Security Auditing and Monitoring, Shanghai 200433, China

Received:2020-09-10 Revised:2020-11-17 Published:2020-12-04

摘要/Abstract

摘要： Tor等匿名流量的分类与识别对运营商监管网络安全具有重要意义，但目前Tor流量的分类检测技术普遍存在识别准确率低、缺乏实时性、无法有效处理高维数据等问题。为此，提出一种Tor流量在线识别方法。通过搭建基于逻辑回归的深度神经网络，提取Tor流量特征匹配度以实现特征增强，并使用人工蜂群机制代替梯度下降等常见迭代算法，得到流量分类及识别结果。在此基础上，构建一套实时流量检测工具应用于实际生产环境中。在公开Tor数据集上的实验结果表明，与逻辑回归、随机森林、KNN算法相比，该算法的精确率和召回率分别提高了10%~50%，相比梯度下降的迭代算法准确率提高了7%~8%。

关键词: Tor流量识别, 网络流量分类, 特征提取, 网络流量分析, 深度学习, 人工蜂群算法, 逻辑回归

Abstract: The classification and identification of Tor and other anonymous traffic is of great significance to network security supervision.However,the existing Tor traffic classification and detection technologies are generally characterized by low identification accuracy,poor real-time performance,and inability to effectively handle high-dimensional data,etc.To solve these problems,a method for online identification of Tor traffic is proposed.A deep neural network based on logistic regression is constructed to extract the matching degree of effective Tor traffic features to implement feature enhancement.Additionally,the artificial bee colony mechanism is used to replace the commonly used iterative algorithms,such as gradient descent,so the traffic classification and recognition results are obtained.The experimental results on public Tor datasets show that compared with the logic regression algorithm,random forest and KNN algorithm,the proposed algorithm improves the accuracy and the recall rate by 10% to 50%.Compared with the regression algorithm based on gradient descent,the proposed algorithm improves the accuracy by 7% to 8%.

Key words: Tor traffic identification, network traffic classification, feature extraction, network traffic analysis, deep learning, artificial bee colony algorithm, logistic regression

中图分类号:

TP309

梁晓萌, 严明, 吴杰. 基于人工蜂群算法的Tor流量在线识别方法[J]. 计算机工程, 2021, 47(11): 129-135,143.

LIANG Xiaomeng, YAN Ming, WU Jie. Tor Traffic Online Identification Method Based on Artificial Bee Colony Algorithm[J]. Computer Engineering, 2021, 47(11): 129-135,143.

http://www.ecice06.com/CN/Y2021/V47/I11/129

图/表 12

20211113144049

20211113144053

20211113144056

20211113144059

20211113144102

20211113144104

20211113144108

20211113144110

20211113144114

20211113144117

20211113144121

20211113144124

参考文献

[1] MICHAEL S.Malicious DNS traffic in Tor:analysis and countermeasures[C]//Proceedings of IEEE ICISSP'19.Washington D.C.,USA:IEEE Press,2019:536-543.
[2] CHAKRAVARTY S,BARBERA M V,PORTOKALIDIS G,et al.On the effectiveness of traffic analysis against anonymity networks using flow records[C]//Proceedings of Passive and Active Measurement Conference.Los Angeles,USA:[s.n.],2014:1-10.
[3] HE G,YANG M,LUO J,et al.Inferring application type information from tor encrypted traffic[C]//Proceedings of the 2nd IEEE International Conference on Advanced Cloud and Big Data.Washington D.C.,USA:IEEE Press,2015:145-456.
[4] ARASH H L,GERARD D G,MOHAMMAD S,et al.Characterization of Tor traffic using time based features[C]//Proceedings of IEEE ICISSP'19.Washington D.C.,USA:IEEE Press,2017:253-262.
[5] 潘逸涵,张爱新.基于深度学习的Tor流量识别方法[J].通信技术,2019,52(12):2982-2986. PAN Y H,ZHANG A X.Tor traffic identification method based on deep learning[J].Communications Technology,2019,52(12):2982-2986.(in Chinese)
[6] KARAMLOU T,VELEZ D A,NIGRO J J.Encrypted prediction:a hacker's perspective[J].The Journal of Thoracic and Cardiovascular Surgery,2017,154(6):2038-2040.
[7] 李若鹏.基于大数据的网络异常行为检测平台的设计与实现[D].广州:华南理工大学,2018. LI R P.Design and Implementation of network abnormal behavior detection platform based on big data[D].Guangzhou:South China University of Technology,2018.(in Chinese)
[8] YIN Z J,ZHANG H,LIU Q.Analysis and research of BPF filter based on Libpcap[J].Advanced Materials Research,2013(655):1774-1778.
[9] LIU W X,JUN C,YU W,et al.Fine-grained flow classification using deep learning for software defined data center networks[J].Journal of Network and Computer Applications,2020,168(3):1-10.
[10] SAON C V,CHARLIE G,ADRIANO T F,et al.Intermittent slug flow identification and characterization from pressure signature[J].Mechanical Systems and Signal Processing,2021,148:107-148.
[11] BOMMISETTY R M,PRAKASH O,KHARE A.Keyframe extraction using Pearson correlation coefficient and color moments[J].Multimedia Systems,2020,26(3):267-299.
[12] TOSTES A I J, SILVA T H.STRIP:a short-term traffic Jam prediction based on logistic regression[C]//Proceedings of the 84th IEEE Vehicular Technology Conference.Washington D.C.,USA:IEEE Press,2016:1-5.
[13] NAKIK D,LOŠKOVSKA S,TRAJKOVIK V.Fully connected emergency intervention for the critical home care system[J].Studies in Health Technology and Informatics,2011,165:88-93.
[14] ZHANG C L,WU J X.Improving CNN linear layers with power mean non-linearity[J].Pattern Recognition,2019,89:12-21.
[15] OOYANG W B,XU B,HOU J,et al.Fabric defect detection using activation layer embedded convolutional neural network[J].IEEE Access,2019,7:70130-70140.
[16] MICHAEL H,MARC D,ATSUNORI O.Feature based domain adaptation for neural network language models with Factorised hidden layers[J].IEICE Transactions on Information and Systems,2019,102(3):598-608.
[17] LANG S,BRAVO-MAROUEZ F,BECKHAM C.WekaDeeplearning4j:a deep learning package for Weka based on deeplearning4j[J].Knowl-Based Systems,2019,178:48-50.
[18] DEDETURK B K,AKAY B.Spam filtering using a logistic regression model trained by an artificial bee colony algorithm[J].Applied Soft Computing,2020,91:106-129.
[19] CHAO T Y,JUNG C L,ENDAH K.NetFlow monitoring and cyberattack detection using deep learning with Ceph[J].IEEE Access,2020,8:7842-7850.
[20] 王军,赵凯,程勇.基于遮挡感知卷积神经网络的面部表情识别方法[J/OL].计算机工程:1-11[2020-08-10].https://doi:10.19678/j.issn.1000-3428.0059166. WANG J,ZHAO K,CHENG Y.Facial expression recognition based on convolutional neural network with occlusion perception[J/OL].Computer Engineering:1-11[2020-08-10].https://doi:10.19678/j.issn.1000-3428.0059166. (in Chinese)

选择文件类型/文献管理软件名称

选择包含的内容

基于人工蜂群算法的Tor流量在线识别方法

Tor Traffic Online Identification Method Based on Artificial Bee Colony Algorithm

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 12

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	江雨燕, 陶承凤, 李平. 数据增强和自适应自步学习的深度子空间聚类算法[J]. 计算机工程, 2023, 49(8): 96-103, 110.
[2]	李泽水, 冀俊忠, 杨翠翠. 基于边权重信息深度网络嵌入的PPIN功能模块检测[J]. 计算机工程, 2023, 49(8): 69-76.
[3]	王可铮, 徐玉芬, 周尚波. 结合对比感知损失和融合注意力的图像去雾模型[J]. 计算机工程, 2023, 49(8): 207-214.
[4]	刘俊豪, 王美林, 谢兴, 宋烨兴, 许莉花. 基于改进YOLOv5的皮革瑕疵检测算法[J]. 计算机工程, 2023, 49(8): 240-249.
[5]	马娜, 温廷新, 贾旭, 李晓会. 复杂光照条件下自适应的车脸重识别模型[J]. 计算机工程, 2023, 49(8): 275-282, 290.
[6]	李军侠, 王星驰, 殷梓, 石德硕. 边缘深度挖掘的弱监督显著性目标检测[J]. 计算机工程, 2023, 49(7): 169-178.
[7]	吴珊, 周凤. 基于改进SSD算法的小目标检测[J]. 计算机工程, 2023, 49(7): 179-188.
[8]	席建锐, 唐红梅, 梁春阳, 刘鑫. 基于改进隐函数的点云物体重建[J]. 计算机工程, 2023, 49(7): 214-222.
[9]	齐咏生, 杜晓旭, 朱俊峰, 高胜利, 刘利强. 基于增强型轻量深度网络的牧区牲畜高效检测[J]. 计算机工程, 2023, 49(7): 278-287.
[10]	闫兴亚, 匡娅茜, 白光睿, 李月. 基于深度学习的学生课堂行为识别方法[J]. 计算机工程, 2023, 49(7): 251-258.
[11]	谌雨章, 黄逸姿, 张钧涵. 基于多速率空洞卷积的多尺度水下小目标检测[J]. 计算机工程, 2023, 49(6): 257-264.
[12]	张博旭, 蒲智, 程曦. 基于提示学习的维吾尔语文本分类研究[J]. 计算机工程, 2023, 49(6): 292-299,313.
[13]	于海洋, 景鹏, 张文涛, 谢赛飞, 滑志华, 宋草原. 基于残差与注意力机制的道路裂缝检测U-Net改进模型[J]. 计算机工程, 2023, 49(6): 265-273.
[14]	戴浩磊, 黄永慧, 周郭许. 基于超图正则化非负张量链分解的聚类分析[J]. 计算机工程, 2023, 49(6): 81-89.
[15]	王爱玲, 马文臻, 邹自明, 钟佳. 基于领域自适应的卫星工程参数异常检测[J]. 计算机工程, 2023, 49(5): 29-37,47.

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于人工蜂群算法的Tor流量在线识别方法

Tor Traffic Online Identification Method Based on Artificial Bee Colony Algorithm

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 12

参考文献

相关文章 15

编辑推荐

Metrics

本文评价