| TCP流量早期识别方法 |
| |
| 引用本文: | 彭建芬,周亚建,王枞,杨义先,平源.TCP流量早期识别方法[J].应用科学学报,2011,29(1):73-77. |
| |
| 作者姓名: | 彭建芬 周亚建 王枞 杨义先 平源 |
| |
| 作者单位: | 1. 北京邮电大学网络与信息攻防技术教育部重点实验室,北京100876
2. 北京邮电大学灾备技术国家工程实验室,北京100876 |
| |
| 基金项目: | 国家自然科学基金,北京市自然科学基金,教育部科学技术研究重点项目基金 |
| |
| 摘 要: | 摘要: 为了对TCP数据流进行及时、快速并准确的识别,本文提出一种TCP流量早期识别方法. 该方法以TCP流初期的3 个数据包的载荷大小和服务器端口作为特征,利用支持向量机进行分类. 实验结果表明,根据提取的特征,采用无偏训练样本能快速而有效地识别WEB、MAIL、P2P中的BitTorrent和eMule等流量.
|
| 关 键 词: | 早期流量识别 机器学习 支持向量机 包载荷 |
| 收稿时间: | 2010-10-20 |
| 修稿时间: | 2010-12-13 |
Early TCP Traffic Classification |
| |
| PENG Jian-fen,ZHOU Ya-jian,WANG Cong,YANG Yi-xian,PING Yuan.Early TCP Traffic Classification[J].Journal of Applied Sciences,2011,29(1):73-77. |
| |
| Authors: | PENG Jian-fen ZHOU Ya-jian WANG Cong YANG Yi-xian PING Yuan |
| |
| Institution: | 1. Key Laboratory of Network and Information Attack and Defence Technology of Ministry of Education,;
Beijing University of Posts and Telecommunications, Beijing 100876, China;
2. National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and;
Telecommunications, Beijing 100876, China |
| |
| Abstract: | In order to identify classification quickly and accurately, an early traffic classification method (ETCM) is proposed. The method uses the payload size of three early packets and the server port number obtained from the TCP flow as flow feature, and classifies the traffic based on support vector machine (SVM). The results show that ETCM meets the following conditions: extracted features used, training samples selected without bias, Internet traffic related to WEB, MAIL, BitTorrent and eMule can be identified efficiently and quickly. |
| |
| Keywords: | early traffic classification machine learning support vector machine packet payload |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《应用科学学报》浏览原始摘要信息 |
| 点击此处可从《应用科学学报》下载免费的PDF全文 |
|
