General Information
    • ISSN: 1793-8244 (Print)
    • Abbreviated Title:  J. Adv. Comput. Netw.
    • Frequency: Semiyearly
    • DOI: 10.18178/JACN
    • Editor-in-Chief: Dr. Ka Wai Gary Wong
    • Executive Editor: Ms. Shira Lu
    • Abstracting/ Indexing: INSPEC (IET), EBSCO, ProQuest, and Google Scholar.
    • E-mail: jacn@ejournal.net
JACN 2018 Vol.6(1): 7-12 ISSN: 1793-8244
DOI: 10.18178/JACN.2018.6.1.246

Identification and Detection of Statistical Characteristics of Encrypted Traffic in Zombie Networks

Ruidong Chen, Kwame Opuni-Boachie Obour Agyekum, Xiaosong Zhang, and Qi Xia
Abstract—Encrypted traffic is of great significance to illegal data regulation, protection of user information, and detection of network attacks. Classifying encrypted traffic is critical to effective network analysis and management. With the advent of machine learning techniques, traditional payload-based methods have become powerless and obsolete in dealing with encrypted traffic. Accurately and efficiently identifying network traffic is crucial for network management. Machine learning methods, however, are disadvantaged by the overhead they create in the system. Most traffic encryption methods also focus on single granularities, and hence the full functionality of the network isn't realized. In this paper, we propose a traffic identification method that addresses protocol-independent identification. Our method uses an encrypted traffic identification model based on information entropy, which realizes on-line identification without violating user privacy, with higher analysis efficiency and a lower false-alarm rate, and works on multiple granularities. Our experimental results show that the proposed method is able to recognize over 80% of traffic and achieves efficient encrypted traffic identification.

Index Terms—Botnet, encrypted traffic identification, information entropy, multiple granularity, zombie networks.

R. Chen is with Mr. Ray Co. Ltd., Chengdu, China and Youe Data Co. Ltd., Beijing, China (e-mail: crdchen@163.com). K. O.-B. Obour Agyekum is with the School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China (e-mail: obour539@yahoo.com). X. Zhang and Q. Xia are with the Center for Cyber Security, University of Electronic Science and Technology of China, Chengdu, China (e-mail: johnsonzxs@uestc.edu.cn, xiaqi@uestc.edu.cn).

Cite: Ruidong Chen, Kwame Opuni-Boachie Obour Agyekum, Xiaosong Zhang, and Qi Xia, "Identification and Detection of Statistical Characteristics of Encrypted Traffic in Zombie Networks," Journal of Advances in Computer Networks, vol. 6, no. 1, pp. 7-12, 2018.
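
The abstract describes identification based on information entropy at multiple granularities. The sketch below is an added illustration, not the authors' model or code: it scores byte entropy per packet payload and per whole flow. The 7.0 bits-per-byte threshold, the 512-byte minimum sample size, all function names and the sample flows are assumptions constructed for this example.

```python
import hashlib
import math
from collections import Counter

ENTROPY_THRESHOLD = 7.0  # assumed cut-off in bits per byte; the abstract states none
MIN_BYTES = 512          # assumed: n bytes can reach at most log2(n) bits of entropy

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte-value distribution, in bits per byte (0 to 8)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify(data: bytes) -> str:
    """Label a sample by entropy alone. Compressed data also scores high,
    so the label is 'encrypted-like', not a proof of encryption."""
    if len(data) < MIN_BYTES:
        return "undetermined"  # too short to tell random from structured
    if shannon_entropy(data) >= ENTROPY_THRESHOLD:
        return "encrypted-like"
    return "plaintext-like"

def analyze_flow(packets: list) -> dict:
    """Score one flow at two granularities: each payload, then the whole flow."""
    flow = b"".join(packets)
    return {
        "packets": [classify(p) for p in packets],
        "flow": classify(flow),
        "flow_entropy": round(shannon_entropy(flow), 2),
    }

def constructed_ciphertext(n: int, seed: bytes) -> bytes:
    """Constructed stand-in for ciphertext: SHA-256 in counter mode, deterministic."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

# Constructed sample flows (not captured traffic).
HTTP_TEXT = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\nUser-Agent: demo\r\nAccept: text/html\r\n\r\n"
SAMPLE_PLAIN_FLOW = [HTTP_TEXT * 8, HTTP_TEXT * 8]
SAMPLE_ENCRYPTED_FLOW = [constructed_ciphertext(1024, bytes([i])) for i in range(3)] + [b"\x00" * 40]

if __name__ == "__main__":
    print(analyze_flow(SAMPLE_PLAIN_FLOW))
    print(analyze_flow(SAMPLE_ENCRYPTED_FLOW))
```

The 40-byte packet in the second flow is labelled undetermined at packet granularity, while the flow-level score still classifies the flow as a whole.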
