Research on Session Initiation Protocol Identification Based on Principal Component Analysis and Learning Vector Quantization

doi:10.3969/j.issn.1000-3428.2016.06.022

Abstract

Abstract: The encrypted Session Initiation Protocol(SIP) is difficult to identify and there is less related research,which makes the intrusion detection and the network traffic monitoring inconvenient.Aiming at these problems,this paper proposes a SIP identification model based on Principal Component Analysis(PCA) and Learning Vector Quantization(LVQ) network.It extracts the feature of relevant flow characteristics,the cumulative contribution rate of which is higher than 85%,as the main characteristic during the identification of SIP by adopting PCA on the network traffic properties of the SIP.Then it trains the LVQ network training and builds a complete SIP identification model.Results show that the PCA_LVQ model can identify the SIP with a recognition rate higher than 90%,indicating that the property of SIP extracted by PCA network flow is different from non-SIP.The model has good effect on identifying SIP.

Key words: Session Initiation Protocol(SIP), Principal Component Analysis(PCA), Learning Vector Quantization(LVQ), eigen value, encrypted protocol, flow characteristic

摘要： 针对加密会话初始协议(SIP)识别困难以及相关研究工作较少,对入侵检测、网络流量监控等工作带来不便的问题,提出基于主成分分析(PCA)和学习矢量量化(LVQ)网络的SIP协议识别模型。通过对SIP协议的网络流特征进行PCA,提取出累计贡献率高于85%的相关流特征作为SIP协议识别过程中的主要特征,并进行LVQ网络训练,构建出完整的SIP协议识别模型。实验结果表明,PCA_LVQ模型对SIP协议的识别率均高于90%,通过PCA提取的SIP协议网络流属性区别于非SIP协议的属性,该模型对SIP协议的识别效果较好。

关键词: 会话初始协议, 主成分分析, 学习矢量量化, 特征值, 加密协议, 流特征

CLC Number:

TP309

LI Jindong,WANG Tao,WU Yang,LEI Dong. Research on Session Initiation Protocol Identification Based on Principal Component Analysis and Learning Vector Quantization[J]. Computer Engineering, doi: 10.3969/j.issn.1000-3428.2016.06.022.

李进东,王韬,吴杨,雷东. 基于主成分分析和学习矢量量化的会话初始协议识别研究[J]. 计算机工程, doi: 10.3969/j.issn.1000-3428.2016.06.022.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.3969/j.issn.1000-3428.2016.06.022

http://www.ecice06.com/EN/Y2016/V42/I6/125

References

参考文献［1］亚米迪.SIP协议的研究与分析［D］.北京:北京邮电大学,2006. ［2］姚玉坤,刘合武.软交换技术在VoIP中的应用分析［J］.数据通信,2006(1):33-36. ［3］任聪.SIP协议在多媒体通信中的应用研究［D］.南京:南京邮电大学,2012. ［4］忻超.互联网应用数据建模分析和信息挖掘［D］.北京:北京邮电大学,2012. ［5］张文华,刘忠信,陈增强,等.基于SIP协议的3G网络安全认证机制［J］.计算机工程与应用,2004,40(13):163-166. ［6］郑天明,王韬,郭世泽.改进的空间协议识别算法［J］.通信学报,2012,33(5):183-190. ［7］Early J P,Brodley C E,Rosenberg C.Behavioral Authentication of Server Flows［C］//Proceedings of the 19th Annual Computer Security Applications Conference.Washington D.C.,USA:IEEE Press,2003:46-55. ［8］Sen S,Spatscheck O,Wang Dongmei.Accurate,Scalable in Network Identification of P2P Traffic Using Appli-cation Signatures［C］//Proceedings of the 13th Inter-national Conference on World Wide Web.New York,USA:ACM Press,2004:512-521. ［9］Amita S,Aruna T.NetworkTraffic Classification Using Semi-supervised Approach［C］//Proceedings of the 2nd International Conference on Machine Learning and Computing.Washington D.C.,USA:IEEE Press,2010:345-349. ［10］陈亮,龚俭,徐选.基于特征串的应用层协议识别［J］.计算机工程与应用,2006,42(24):16-19. ［11］杨哲,李领治,纪其进,等.基于最短划分距离的网络流量决策树分类方法［J］.通信学报,2012,33(3):90-102. ［12］Charles V W,Fabian M,Gerald M.On Inferring Applica-tion Protocol Behaviors in Encrypted Network Traffic［J］.Journal of Machine Learning Research,2006,7(12):2745-2769. ［13］Sun Guanglu,Xue Yibo,Dong Yingfei,et al.A Novel Hybrid Method for Effectively Classifying Encrypted Traffic［C］//Proceedings of Global Telecommunications Conference.Washington D.C.,USA:IEEE Press,2010:1-5. ［14］陈伟,胡磊,杨龙.基于载荷特征的加密流量快速识别方法［J］.计算机工程,2012,38(12):22-25. ［15］Zuev D,Moore A W.Traffic Classification Using a Statistical Approach［C］//Proceedings of the 6th International Workshop on Passive and Active Network Measurement.Berlin,Germany:Springer,2005:321-324. ［16］李正欣,郭建胜,惠晓斌,等.基于共同主成分的多元时间序列降维方法［J］.决策与控制,2013,28(4):531-536. ［17］叶晓波,王松.贝叶斯分类与LVQ神经网络分类性能对比研究［J］.电脑与信息技术,2013,21(4):14-17. 编辑顾逸斐

[1]	YAN Xin, ZHU Yonghao, TU Naiwei, WU Shuwen, WANG Yuhong. Prediction of Coal and Gas Outburst in Mine Working Face Based on PCA and Weighted Bayesian [J]. Computer Engineering, 2021, 47(8): 315-320.
[2]	HAO Zhanjun, ZHANG Daiyang, DANG Xiaochao, DUAN Yu. Non-contact Human Motion Recognition Method Based on Channel State Information [J]. Computer Engineering, 2021, 47(6): 172-181.
[3]	HU Tao, DIAN Songyi, JIANG Ronghua. Hardware Trojan Detection Based on Long Short-Term Memory Neural Network [J]. Computer Engineering, 2020, 46(7): 110-115.
[4]	DANG Xiaochao, DENG Qiyan, HAO Zhanjun. Indoor Personnel Detection Method Based on 30° Angle Concentric Circular Sampling [J]. Computer Engineering, 2020, 46(4): 198-205.
[5]	YAN Yujuan,LI Hua,ZHAO Jumin,LI Deng’ao,LIU Jia. Fall detection system based on CRFID and pattern recognition [J]. Computer Engineering, 2019, 45(6): 297-302,309.
[6]	DI Ruitong,WANG Hong,FANG Youli. Fake Reviews Identification Method Fusing Time Series and Multi-scale Features [J]. Computer Engineering, 2019, 45(3): 278-285,292.
[7]	YANG Chenchen,MA Chunmei,ZHU Jinqi. Study of Fall Behavior Identification Algorithm Based on Smartphone [J]. Computer Engineering, 2019, 45(2): 178-183.
[8]	WANG Lin, ZHAO Junli, DUAN Fuqing, ZHOU Mingquan. Survey on Craniofacial Reconstruction Method [J]. Computer Engineering, 2019, 45(12): 8-18.
[9]	DANG Xiaochao,SI Xiong,HAO Zhanjun,HUANG Yaning. A Passive Indoor Fingerprint Localization Algorithm Based on Channel State Information [J]. Computer Engineering, 2018, 44(7): 114-120.
[10]	ZHANG Xiaoming,WANG Zhijun,LIANG Liping. A Stacking Algorithm for Convolution Neural Network [J]. Computer Engineering, 2018, 44(4): 243-247.
[11]	YANG Hanfang,ZHOU Xiangdong. Cross Domain Image Classification Based on Deep Sparse Discrimination [J]. Computer Engineering, 2018, 44(4): 310-316.
[12]	LIU Yachong,TANG Zhiling. Classification and Identification Method of Communication Radiation Source Feature Based on Softmax Regression [J]. Computer Engineering, 2018, 44(2): 98-102.
[13]	ZHANG Huiyi,HOU Yaozu,TAO Tao. A Collaborative Filtering Algorithm Based on Two-stage Joint Hashing [J]. Computer Engineering, 2018, 44(12): 316-320.
[14]	ZHAO Pengbiao,LIU Ge,LUO Lei,ZHOU Rui. Construction Method of Indoor Digital Floor Plan Based on Smartphone [J]. Computer Engineering, 2018, 44(11): 271-275,281.
[15]	MIAO Jiajia,SHEN Lei,GUO Jingjing. Blind Decoding Method of Asynchronous WCDMA Signals Under Array Antenna [J]. Computer Engineering, 2018, 44(10): 107-111.

Please choose a citation manager

Content to export