Abstract
With the widespread use of Virtual Private Networks (VPNs), the identification of Secure Sockets Layer (SSL) VPN encrypted traffic has become an important issue. This paper first introduced SSL VPN encrypted traffic and analyzed the flow of its handshake protocol. Then, an improved fingerprint recognition algorithm was designed to identify SSL streams. Capsule Neural Network (CapsNet), an optimized convolutional neural network, was used to recognize SSL VPN. An experimental analysis was carried out on the ISCXVPN2016 dataset. It was found that the recognition accuracy of the proposed method reached up to 99.98% for SSL streams, and the convergence speed was high; the recognition precision reached 98.16%, and the recall rate reached 99.98% for SSL VPNs, both of which were better than the algorithms such as random forest (RF) and C4.5. The experimental results verify the effectiveness of the optimized recognition algorithm for SSL VPN recognition and make some contributions to its application in practice.
Highlights
With the development of economy and society, people’s living standard has been improving, and the use of the network has become more and more popular[1]
There are some illegal applications hidden in the Sockets Layer (SSL) Virtual Private Networks (VPNs) encrypted traffic; how to achieve the identification of sockets layer virtual private network (SSL VPN) encrypted traffic is gradually becoming an important issue in network security
This paper studied the recognition of SSL VPN traffic using an improved fingerprint recognition algorithm and the Capsule Neural Network (CapsNet) algorithm
Summary
With the development of economy and society, people’s living standard has been improving, and the use of the network has become more and more popular[1]. Muhammad et al [6] designed a system to analyze the communication between users and servers, divided the traffic into VPN traffic and standard traffic, and analyzed and classified network traffic by Domain Name System (DNS) packets and Hypertext Transfer Protocol Secure (HTTPS)-based traffic. They found that 329 out of 729 connections established by different users were classified as legitimate activities, and the remaining 400 connections were marked as VPN-based connections, indicating that the method was able to detect VPN traffic effectively. This work provides some theoretical bases for better recognition of encrypted traffic
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
