Byte Segment Neural Network for Network Traffic
论文地址:
Byte Segment Neural Network for Network Traffic Classification(2018-5-24)
EBSNN: Extended Byte Segment Neural Network for Network Traffic Classification(2021-8-2)
两篇论文,一篇是正常的字节编码,一篇是拓展字节编码。
EBSNN: Extended Byte Segment Neural Network for Network Traffic Classification
关键词:Recurrent neural network, traffific classifification, application identifification, website identifification
EBSNN结构
处理步骤
Preprocessing
每个数据包是由Ethernet II header、the IPv4 header、 the TCP/UDP header and the payload构成的。
数据包的构成如table1。
关于U和V的解释:
所以,是如何进行preprocessing的呢?
- Ethernet II header: only contains EtherType, source and destination MAC addresses, 直接放弃处理.
- IPv4 header:放弃一些字段并将这些字段替换成0,
- IP identifification (32 ∼ 37 bits in the IPv4 header)
- IP checksum(80 ∼ 95 bits)
- source IP address(96 ∼ 127 bits)
- destination IP address(128 ∼ 159 bits).
- TCP/UDP header:同IPv4,替换成0,
- source port (0 ∼ 15 bits)
- destination port(16 ∼ 31 bits)
- Payload
- 假设有M个字节,N个字节为一个字段,那么有[M/N]个字段。
举个栗子🍭
fig3中标红的都是替换成0的无用信息的字段;N=8,n=[Payload总字节数/N]
Model
All articles in this blog are licensed under CC BY-NC-SA 4.0 unless stating additionally.
Related Articles
Comment
