Detection device and method for malicious traffic encryption of Android mobile device
The invention discloses a detection device and method for encrypted malicious traffic of Android mobile equipment, and belongs to the technical field of traffic detection. Filtering based on validity and repeatability to obtain a session A, and filtering based on characteristics of the encryption co...
Saved in:
Main Authors | , , , , , , |
---|---|
Format | Patent |
Language | Chinese English |
Published |
20.09.2022
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | The invention discloses a detection device and method for encrypted malicious traffic of Android mobile equipment, and belongs to the technical field of traffic detection. Filtering based on validity and repeatability to obtain a session A, and filtering based on characteristics of the encryption component to obtain a session B; extracting a packet length sequence and an arrival time interval sequence of the session A, performing direction processing to obtain a time domain feature vector, and adding a maximum transmission unit to a downlink packet length; transmitting a packet length and arrival time interval sequence which is not subjected to direction processing into a frequency domain feature processing module, abstracting the sequence into a digital signal to convert from a time domain to a frequency domain, and then completing conversion from a complex number to a real number and linear transformation to reduce dimensionality to obtain a frequency domain feature vector; quantizing the features of the to |
---|---|
Bibliography: | Application Number: CN202210732607 |