Encryption protocol identification method based on active service detection engine technology
The invention discloses an encryption protocol identification method based on an active service detection engine technology. The method comprises the steps of constructing an encryption network behavior model library; capturing the network data by using a packet capturing tool so as to realize real-...
Saved in:
Main Authors | , , , , , , |
---|---|
Format | Patent |
Language | Chinese English |
Published |
26.05.2020
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | The invention discloses an encryption protocol identification method based on an active service detection engine technology. The method comprises the steps of constructing an encryption network behavior model library; capturing the network data by using a packet capturing tool so as to realize real-time acquisition of the network interaction data; extracting valid data from the network data flow;performing feature extraction on the data with high similarity in a clustering mode; calculating correlation coefficients of the data features and different reference samples in the model library; andautomatically identifying the encrypted data protocol according to the correlation coefficient in combination with a node-based stateful identification technology and an active detection and servicecamouflage technology. According to the invention, the encryption protocol encryption identification method is optimized; identification efficiency is high; identification results are more accurate; aP2P protocol with fuzzy or |
---|---|
Bibliography: | Application Number: CN202010049560 |