Loading...
| Friend's email | |
| Your name | |
| Your email | |
| enter code | |
This page was sent successfuly
- Type of Document: M.Sc. Thesis
- Language: Farsi
- Document No: 55342 (19)
- University: Sharif University of Technology
- Department: Computer Engineering
- Advisor(s): Jafari Siavoshani, Mahdi
- Abstract:
- One of the most widely used protocols used on the Internet is the SSL protocol, which is also used in many applications to exchange information between the server and the user. Therefore, the analysis of this traffic can help decision makers in many analyses. In this thesis, we are going to present a mapping for feature vectors extracted from SSL traffic that will lead to improving the performance of machine learning algorithms.In this treatise, three methods for learning mapping are proposed, all of which are based on deep learning. The first method is to use a simple self-encoder for map learning that tries to learn a compact map from the input feature vector.The second method is the simultaneous training of the auto-encoder with the classifier, which makes the mapping learned by the auto-encoder, in addition to having the ability to reconstruct the input feature vector, create more separation to facilitate the work of the classifier among the samples in the new mapping space. The third method is the traffic sequence mapping method, which has a similar idea to the word mapping method.To evaluate the proposed methods for traffic mapping, we measured the quality of these methods in the encrypted traffic clustering problem related to 20 applications. In this problem, encrypted traffic related to 20 different applications was collected and all three mapping methods were applied on the feature vectors extracted from these samples.The results of this experiment show that the traffic sequence mapping method causes more differentiation between samples of different classes.The use of length, direction and time features, along with the sequential nature of traffic in this method, causes this mapping method to bring the samples of the same application as close as possible to each other in the new mapping space, and the samples of the programs separate different applications from each other
- Keywords:
- Autoencoder ; SSL/TLS Protocol ; Classify Network Traffic ; Traffic Clustering ; Traffic Sequence Embedding Network ; Secure Sockets Layer (SSL)Traffic Clustering ; Application Traffic Classification
Digital Object List
محتواي کتاب
Bookmark