General Information
    • ISSN: 1793-8244
    • Frequency: Semiyearly
    • DOI: 10.18178/JACN
    • Editor-in-Chief: Dr. Ka Wai Gary Wong
    • Executive Editor: Ms. Nina Lee
    • Abstracting/Indexing: EI (INSPEC, IET), Electronic Journals Library, Ulrich's Periodicals Directory, EBSCO, ProQuest, and Google Scholar.
    • E-mail: jacn@ejournal.net
JACN 2018 Vol.6(1): 7-12 ISSN: 1793-8244
DOI: 10.18178/JACN.2018.6.1.246

Identification and Detection of Statistical Characteristics of Encrypted Traffic in Zombie Networks

Ruidong Chen, Kwame Opuni-Boachie Obour Agyekum, Xiaosong Zhang, and Qi Xia
Abstract—Encrypted traffic is of great significance for illegal data regulation, protection of user information, and detection of network attacks. Classifying encrypted traffic is critical to effective network analysis and management. With the advent of machine learning techniques, traditional payload-based methods have become powerless and obsolete in dealing with encrypted traffic. Accurately and efficiently identifying network traffic is crucial for network management. Machine learning methods, however, are disadvantaged by the overheads they create in the system. Most traffic encryption methods also focus on single granularities, and hence the full functionality of the network isn’t realized. In this paper, we propose a traffic identification method that seeks to tackle protocol-independent identification. Our method utilizes an encrypted traffic identification model based on information entropy, which can realize on-line identification without violating user privacy, with higher analysis efficiency and a lower false-alarm rate, and on multiple granularities. Our experimental results show that the proposed method is able to recognize over 80% of traffic and achieves efficient encrypted traffic identification.

Index Terms—Botnet, encrypted traffic identification, information entropy, multiple granularity, zombie networks.

R. Chen is with Mr. Ray Co. Ltd., Chengdu, China and Youe Data Co. Ltd., Beijing, China (e-mail: crdchen@163.com). K. O.-B. Obour Agyekum is with the School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China (e-mail: obour539@yahoo.com). X. Zhang and Q. Xia are with the Center for Cyber Security, University of Electronic Science and Technology of China, Chengdu, China (e-mail: johnsonzxs@uestc.edu.cn, xiaqi@uestc.edu.cn).


Cite: Ruidong Chen, Kwame Opuni-Boachie Obour Agyekum, Xiaosong Zhang, and Qi Xia, "Identification and Detection of Statistical Characteristics of Encrypted Traffic in Zombie Networks," Journal of Advances in Computer Networks, vol. 6, no. 1, pp. 7-12, 2018.
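The abstract describes identification based on information entropy at multiple granularities. The sketch below is an added illustration of that general idea, not the authors' model: it scores payload byte entropy per packet and per flow and flags a flow only when both agree. The function names, the 0.85 threshold, the 32-byte minimum payload and the sample flows are all assumptions made for this example.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Byte-level Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def normalized_entropy(data: bytes) -> float:
    """Entropy divided by the most an n-byte sample can reach, log2(min(n, 256))."""
    if len(data) < 2:
        return 0.0
    return shannon_entropy(data) / math.log2(min(len(data), 256))

def classify_flow(packets, threshold=0.85, min_len=32):
    """Score payloads per packet and per flow; both must agree to flag the flow.

    threshold and min_len are assumed values for this example, not from the paper.
    """
    usable = [p for p in packets if len(p) >= min_len]  # tiny payloads are too noisy
    per_packet = [normalized_entropy(p) for p in usable]
    flow_score = normalized_entropy(b"".join(usable))
    high = sum(score >= threshold for score in per_packet)
    likely = bool(usable) and flow_score >= threshold and 2 * high > len(usable)
    return {"per_packet": per_packet, "flow": flow_score, "likely_encrypted": likely}

def constructed_random_payload(n: int, seed: bytes) -> bytes:
    """Deterministic stand-in for ciphertext: SHA-256 in counter mode (sample data only)."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

# Constructed sample flows, not captured traffic.
PLAINTEXT_FLOW = [b"GET /index.html HTTP/1.1\r\nHost: example.com\r\nAccept: */*\r\n\r\n" * 5] * 3
ENCRYPTED_FLOW = [constructed_random_payload(1024, bytes([i])) for i in range(4)]

if __name__ == "__main__":
    for name, flow in (("plaintext", PLAINTEXT_FLOW), ("encrypted", ENCRYPTED_FLOW)):
        result = classify_flow(flow)
        print(name, round(result["flow"], 3), result["likely_encrypted"])
```

Compressed payloads also score near the maximum, so high byte entropy alone does not separate encryption from compression.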
