基于序列统计的未知无线协议特征提取方法

doi:10.19678/j.issn.1000-3428.0059551

计算机工程 ›› 2021, Vol. 47 ›› Issue (11): 192-197. doi: 10.19678/j.issn.1000-3428.0059551

基于序列统计的未知无线协议特征提取方法

刘治国^1,2, 蔡文珠^1,2, 李运琪^1,2, 潘成胜³

1. 大连大学信息工程学院, 辽宁大连 116600;
2. 大连大学通信与网络重点实验室, 辽宁大连 116600;
3. 南京信息工程大学电子与信息工程学院, 南京 211800

收稿日期:2020-09-17 修回日期:2020-10-27 发布日期:2020-11-06
作者简介:刘治国(1974-),男,教授、博士,主研方向为网络协议分析;蔡文珠、李运琪,硕士研究生;潘成胜,教授、博士。
基金资助:
国家自然科学基金（61931004）。

Feature Extraction Method for Unknown Wireless Protocol Based on Sequence Statistical

LIU Zhiguo^1,2, CAI Wenzhu^1,2, LI Yunqi^1,2, PAN Chengsheng³

1. School of Information Engineering, Dalian University, Dalian, Liaoning 116600, China;
2. Key Laboratory of Communication and Network, Dalian University, Dalian, Liaoning 116600, China;
3. School of Electronics and Information Engineering, Nanjing University of Information Science and Technology, Nanjing 211800, China

Received:2020-09-17 Revised:2020-10-27 Published:2020-11-06

摘要/Abstract

摘要： 在未知无线网络环境下，比特流形式的协议数据帧特征不明显，且缺乏先验知识对其进行分析，造成特征提取困难。提出一种利用序列统计提取未知无线协议特征的方法。统计数据中定长序列出现的频次和位置，根据概率和相似性筛选满足频繁条件的固定序列和交互序列，得到频繁项集，并借鉴关联规则连接频繁项集中的频繁序列，去除冗余的序列信息，得到协议特征集。仿真结果表明，该方法能够有效提高未知无线协议特征提取效果，准确率稳定在90%以上。

关键词: 特征提取, 序列统计, 固定序列, 关联规则, 比特流

Abstract: In the unknown wireless network environment,the characteristics of data frames in the form of continuous bitstream are not obvious,and the lack of prior knowledge in data frame analysis poses difficulties for feature extraction.To address the problem,a feature extraction method for unknown wireless protocols is proposed based statistical analysis.The frequency and position at which the fixed-length sequences occur in the data are counted.On this basis,the fixed sequences and interactive sequences are filtered according to the probability and the similarity idea,and the ones that meet the frequency conditions are selected to obtain the frequent item set.Then the frequent sequences are connected according to the association rules to remove the redundant information.Simulation results show that this method can improve the feature extraction effect for unknown wireless protocols with the accuracy reaching over 90%.

Key words: feature extraction, sequence statistics, fixed sequence, association rule, bitstream

中图分类号:

TP393

刘治国, 蔡文珠, 李运琪, 潘成胜. 基于序列统计的未知无线协议特征提取方法[J]. 计算机工程, 2021, 47(11): 192-197.

LIU Zhiguo, CAI Wenzhu, LI Yunqi, PAN Chengsheng. Feature Extraction Method for Unknown Wireless Protocol Based on Sequence Statistical[J]. Computer Engineering, 2021, 47(11): 192-197.

http://www.ecice06.com/CN/Y2021/V47/I11/192

图/表 6

20211113144801

20211113144804

20211113144807

20211113144810

20211113144812

20211113144815

参考文献

[1] GOO Y,SHIM K,CHAE B,et al.Framework for precise protocol reverse engineering based on network traces[C]//Proceedings of 2018 IEEE/IFIP Network Operations and Management Symposium.Washington D.C.,USA:IEEE Press,2018:1-4.
[2] 王玉婷,郑国强,马华红,等.基于信道选择的认知无线网络路由协议[J].计算机工程,2019,45(4):87-92. WANG Y T,ZHENG G Q,MA H D,et al.Cognitive radio networks routing protocol based on channel selection[J].Computer Engineering,2019,45(4):87-92.(in Chinese)
[3] KIBRIA M G,NGUYEN K,VILLARDI G P,et al.Big data analytics,machine learning,and artificial intelligence in next-generation wireless networks[J].IEEE Access,2018,6:32328-32338.
[4] CAI L,SHI R,XU D.Communication protocol identification based on data mining and automatic reasoning[C]//Proceedings of International Conference on Big Data.Washington D.C.,USA:IEEE Press,2017:211-216.
[5] WANG W,BAI B B,WANG Y C,et al.Bitstream protocol classification mechanism based on feature extraction[C]//Proceedings of International Conference on Networking.Washington D.C.,USA:IEEE Press,2019:1-5.
[6] VASILIADIS G,KOROMILAS L,POLYCHRONAKIS M,et al.Desing and implementation of a stateful network packet proccessing framework for GPUs[J].IEEE/ACM Transactions on Networking,2017,25(1):610-623.
[7] 张俊娇.比特流协议分析与特征识别技术研究[D].成都:电子科技大学,2016. ZHANG J J.Bit stream protocol analysis and feature recognition technology research[D].Chengdu:University of Electronic Science and Technology,2016.(in Chinese)
[8] HEI X H,BAI B B,WANG Y C,et al.Feature extraction optimization for bitstream communication protocol format reverse analysis[C]//Proceedings of 2019 IEEE International Conference on Trust,Security and Privacy in Computing and Communications and the 13th IEEE International Conference on Big Data Science and Engineering. Washington D.C,USA:IEEE Press,2019:662-669.
[9] 温爱霞.比特流数据未知协议特征发现技术研究[D].成都:电子科技大学,2015. WEN A X.Research on unknown protocol feature discovery technology for bitstream data[D].Chengdu:University of Electronic Science and Technology,2015.(in Chinese)
[10] ZHENG J,LI J P.Feature identification of unknown protocol[C]//Proceedings of International Computer Conference on Wavelet Active Media Technology and Information Processing.Washington D.C.,USA:IEEE Press,2017:1-5.
[11] MENG F Z,ZHANG C R,WU G.Protocol reverse based on hierarchical clustering and probability alignment from network traces[C]//Proceedings of International Conference on Big Data Analysis.Washington D.C.,USA:IEEE Press,2018:443-447.
[12] 张丽.比特流协议特征提取与识别方法研究[D].西安:西安理工大学,2019. ZHANG L.Research on feature extraction and recognition methods of bitstream protocol[D].Xi'an:Xi'an University of Technology,2019.(in Chinese)
[13] 张永光,翟绪论.比特流分析[M].北京:电子工业出版社,2018. ZHANG Y G,ZHAI X L.Bit flow analysis[M].Beijing:Electronic Industry Press,2018.(in Chinese)
[14] 冯文博,洪征,吴礼发,等.网络协议识别技术综述[J].计算机应用,2019,39(12):3604-3614. FENG W B,HONG Z,WU L F,et al.Overview of network protocol identification technology[J].Computer Applications,2019,39(12):3604-3614.(in Chinese)
[15] WANG Y,LI Y H.Deep Web entity identification method based on improved Jaccard coefficients[C]//Proceedings of International Conference on Research Challenges in Computer Science.Washington D.C.,USA:IEEE Press,2010:1-5.
[16] THAMBAWITA D R,RAGEL R,ELKADUWE D,et al.An optimized parallel failure-less Aho-Corasick algorithm for DNA sequence matching[C]//Proceedings of International Conference on Information and Automation.Washington D.C.,USA:IEEE Press,2016:1-6.
[17] 孙胜涛,吴爱芝.基于可能性逻辑的不确定性本体描述方法研究[J].小型微型计算机系统,2016,37(2):281-286. SUN S T,WU A Z.Research of uncertainty description in ontology model based on possibilistic logic[J].Journal of Chinese Computer Systems,2016,37(2):281-286.(in Chinese)
[18] 冯兴杰,张乐,曾云泽.基于多注意力CNN的问题相似度计算模型[J].计算机工程,2019,45(9):284-290. FENG X J,ZHANG L,ZENG Y Z.Question similarity calculation model based on multi-attention CNN[J].Computer Engineering,2019,45(9):284-290.(in Chinese)
[19] 梁泉,翁剑成,周伟.基于关联规则的公共交通通勤稳定性人群辨识[J].吉林大学学报(工学版),2019,49(5):1484-1491. LIANG Q,WENG J C,ZHOU W.Stability identification of public transport commute passengers based on association rules[J].Journal of Jilin University(Engineering and Technology Edition),2019,49(5):1484-1491.(in Chinese)
[20] 蒋翠清,疏得友,段锐.基于用户时空相似性的位置推荐算法[J].计算机工程,2018,44(7):177-182. JIANG C Q,SHU D Y,DUAN R.Location recommendation algorithm based on spatial-temporal similarity of user[J].Computer Engineering,2018,44(7):177-182.(in Chinese)

选择文件类型/文献管理软件名称

选择包含的内容

基于序列统计的未知无线协议特征提取方法

Feature Extraction Method for Unknown Wireless Protocol Based on Sequence Statistical

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 6

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	马娜, 温廷新, 贾旭, 李晓会. 复杂光照条件下自适应的车脸重识别模型[J]. 计算机工程, 2023, 49(8): 275-282, 290.
[2]	戴浩磊, 黄永慧, 周郭许. 基于超图正则化非负张量链分解的聚类分析[J]. 计算机工程, 2023, 49(6): 81-89.
[3]	宋羽凯, 谢江. 基于多任务学习的轻量级语音情感识别模型[J]. 计算机工程, 2023, 49(5): 122-128.
[4]	关日鹏, 况立群, 焦世超, 熊风光, 韩燮. 多模态特征融合与词嵌入驱动的三维检索方法[J]. 计算机工程, 2023, 49(4): 101-107,113.
[5]	李培育, 张雅丽. 基于改进SRGAN模型的人脸图像超分辨率重建[J]. 计算机工程, 2023, 49(4): 199-205.
[6]	耿磊, 傅洪亮, 陶华伟, 卢远, 郭歆莹, 赵力. 基于动态卷积递归神经网络的语音情感识别[J]. 计算机工程, 2023, 49(4): 125-130,137.
[7]	何悦, 陈广胜, 景维鹏, 徐泽堃. 基于深度多相似性哈希方法的遥感图像检索[J]. 计算机工程, 2023, 49(2): 206-212.
[8]	高庆吉, 李天昊, 邢志伟, 刘佩佩. 基于区块特征融合的点云语义分割方法[J]. 计算机工程, 2022, 48(9): 37-44,54.
[9]	闫静, 张雪英, 李凤莲, 陈桂军, 黄丽霞. 结合栈式监督AE与可变加权ELM的回归预测模型[J]. 计算机工程, 2022, 48(8): 62-69,76.
[10]	李晨, 侯进, 李金彪, 陈子锐. 基于注意力与残差级联的红外与可见光图像融合方法[J]. 计算机工程, 2022, 48(7): 234-240.
[11]	崔云轩, 刘桂华, 余东应, 郭中远, 张文凯. 点线特征融合的激光雷达单目惯导SLAM系统[J]. 计算机工程, 2022, 48(7): 254-263.
[12]	李柯泉, 陈燕, 刘佳晨, 牟向伟. 基于深度学习的目标检测算法综述[J]. 计算机工程, 2022, 48(7): 1-12.
[13]	汪荣贵, 李懂, 杨娟, 薛丽霞. 基于跨域特征关联与聚类的无监督行人重识别[J]. 计算机工程, 2022, 48(3): 229-235,243.
[14]	谢斌红, 秦耀龙, 张英俊. 基于学习主动中心轮廓模型的场景文本检测[J]. 计算机工程, 2022, 48(3): 244-252,262.
[15]	孙同晶, 闫志明, 范军, 张豪. 基于曲率和的主动声呐干涉条纹特征表征方法[J]. 计算机工程, 2022, 48(11): 49-54.

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于序列统计的未知无线协议特征提取方法

Feature Extraction Method for Unknown Wireless Protocol Based on Sequence Statistical

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 6

参考文献

相关文章 15

编辑推荐

Metrics

本文评价