Funding: funded by the National Natural Science Foundation of China (No. 61802270), National Entrepreneurship & Innovation Demonstration Base of China (No. C700011), Key Research & Development Project of Sichuan Province of China (No. 2018GZ0100), and Fundamental Research Business Fee Basic Research Project of Central Universities (No. 2017SCU11065).
Abstract: An increasing number of websites are making use of HTTPS encryption to enhance security and privacy for their users. However, HTTPS encryption makes it very difficult to identify the service over HTTPS flows, which poses challenges to network security management. In this paper we present DTA-HOC, a novel DNS-based two-level association HTTPS traffic online service identification method for large-scale networks, which correlates HTTPS flows with DNS flows using big data stream processing and association technologies to label the service in an HTTPS flow with a specific associated domain name. DTA-HOC has been specifically designed to address three practical challenges in the service identification process: domain name ambiguity, domain name query invisibility, and data association time window size contradictions. Several experiments on datasets collected from a 10-Gbps campus network are conducted alongside offline and online testing. Results show that DTA-HOC can achieve an average online association rate on HTTPS traffic of 83% and a generic accuracy of 86.16%. Its processing time for one minute of data is less than 20 seconds. These results indicate that DTA-HOC is an efficient method for online identification of services in HTTPS flows for large-scale networks. Moreover, our proposed method can contribute to the identification of other applications which make a Domain Name System (DNS) communication before establishing a connection.
Funding: supported by the National Key Research and Development Program of China (2021YFB2401304).
Abstract: Great challenges and demands are presented by increasing edge computing services for the current power Internet of things (Power IoT), which must deal with the serious diversity and complexity of these services. To improve the matching degree between edge computing and complex services, the service identification function is necessary for Power IoT. In this paper, a naive long short-term memory (Naive-LSTM) based service identification scheme for edge computing devices in the Power IoT is proposed, where the Naive-LSTM model makes full use of the most simplified structure and conducts discretization of the long short-term memory (LSTM) model. Moreover, the Naive-LSTM based service identification scheme can generate the probability output result to determine the task schedule policy of Power IoT. Once well trained, these Naive-LSTM classification engine modules in edge computing devices of Power IoT can perform service identification by obtaining key characteristics from various kinds of service traffic. Testing results show that the Naive-LSTM based service identification scheme is feasible and efficient in improving the edge computing ability of the Power IoT.