一种基于DPI自关联数据包检测分类方法

With the continuous development of the Internet, more and more non traditional services are emerging and occupying a large amount of network bandwidth resources, which makes Internet services and security more and more difficult to be managed andaffects the normal performance of traditional services.The existing identification methods generally use port identification and DPI (Deep Packet Inspection) technology, which is difficult to identify roundabout traffic and encrypted traffic.This paper proposes a classification method based on DPI autocorrelation detection. This method firstly identifies the roundabout flow through the seven tuple association relationship with the sample stream, called as strong autocorrelation (SA).Then, the detected stream features are extracted and identified by the classification decision function proposed in this paper. This part is called weak autocorrelation(WA). The experimental results show that the proposed method can overcome the DPI shortcomings in the roundabout and encrypted traffic identification and improve the traffic flow identification accuracy.