加密流量检测与态势预警平台研究

网络流量检测是实现网络整体安全态势感知的主要手段,通过采集网络流量、脆弱性、安全事件和威胁情报等数据,利用大数据和机器学习技术,分析网络行为及用户行为等因素构成的整个网络当前状态和变化趋势,并预测网络安全状态发展趋势。随着密码技术的广泛应用,网络中存在着越来越多的加密流量,如HTTPS、VPN流量;由于加密技术的使用,破坏了明文数据的统计特点、数据格式等,用通用的流量检测方法很难有效检测加密流量,基于加密技术的随机性、网络上下文等,结合人工智能技术和机器学习方法,研究和设计了网络加密流量检测体系框架、方法和关键技术,对加密流量的检测具有较强的指导意义。

Research on Encrytpted Traffic Detection Technology

Monitoring and analysis of the Networks traffic is the main method to realize the security situation.through collecting the network traffic,vulnerability,security events and threat intelligence.People use big data and machine learning techniques to analyze the network behavior and user behavior,then to know the whole network current and trend status.With the widespread application of cryptography,there are more and more encrypted traffic in the network,such as HTTPS and VPN traffic.Due to using of encryption technology,the statistical characteristics and data format of plaintext data are destroyed.It is difficult to effectively detect encrypted traffic with the general traffic method.The randomness and network context of encrypted traffic,Based on Artificial Intelligence and Machine learning,analyze the framework,methods and key technology of encrypted traffic detection.It is significance to the encrypted traffic detection.