Detecting Proxy User Based on Communication Behavior Portrait. (15th August 2019)
- Record Type:
- Journal Article
- Title:
- Detecting Proxy User Based on Communication Behavior Portrait. (15th August 2019)
- Main Title:
- Detecting Proxy User Based on Communication Behavior Portrait
- Authors:
- Han, Zhen-Hui
Chen, Xing-Shu
Zeng, Xue-Mei
Zhu, Yi
Yin, Ming-Yong - Editors:
- Sgandurra, Daniele
- Abstract:
- Abstract: Proxies can help users to bypass the network filtering system, leaving the network open to banned content, and can also enable users to anonymize themselves for terminal security protection. Proxies are widely used in the current network environment. However, certain spy proxies record user information for privacy theft. In addition, attackers can use such technologies to anonymize malicious behaviors and hide identities. Such behaviors have posed serious challenges to the internal defense and security threat assessment of an organization; however, the anonymity of the proxy makes it consistent with normal network communication, and general network traffic identification methods are not able to detect it. To accurately and effectively discover proxy users in the organization based on s, a proxy user detection method based on communication behavior portrait offers the following: (1) analysis of the communication behavior from the perspective of the portrait. Based on not abandoning the effective information of the traffic itself, the label system is established by introducing exogenous data to identify the difference between proxy communication and normal communication. (2) Construction of the portrait feature set of proxy user detection based on the traffic file and external data by studying the differences between the attribute sets of communication behavior labels for proxy users and non-proxy users. (3) Design and implementation a data-driven machine learningAbstract: Proxies can help users to bypass the network filtering system, leaving the network open to banned content, and can also enable users to anonymize themselves for terminal security protection. Proxies are widely used in the current network environment. However, certain spy proxies record user information for privacy theft. In addition, attackers can use such technologies to anonymize malicious behaviors and hide identities. Such behaviors have posed serious challenges to the internal defense and security threat assessment of an organization; however, the anonymity of the proxy makes it consistent with normal network communication, and general network traffic identification methods are not able to detect it. To accurately and effectively discover proxy users in the organization based on s, a proxy user detection method based on communication behavior portrait offers the following: (1) analysis of the communication behavior from the perspective of the portrait. Based on not abandoning the effective information of the traffic itself, the label system is established by introducing exogenous data to identify the difference between proxy communication and normal communication. (2) Construction of the portrait feature set of proxy user detection based on the traffic file and external data by studying the differences between the attribute sets of communication behavior labels for proxy users and non-proxy users. (3) Design and implementation a data-driven machine learning method to supply guidance for automatic recognition of such behavior. The experimental results show that, compared with state-of-the-art methods, the detection accuracy for the proxy user exceeds 95%, and that of real network traffic environment exceeds 85%. These results indicate that the detection method proposed in this paper can accurately distinguish proxy communication and normal communication and thus achieves precise proxy user detection. … (more)
- Is Part Of:
- Computer journal. Volume 62:Number 12(2019)
- Journal:
- Computer journal
- Issue:
- Volume 62:Number 12(2019)
- Issue Display:
- Volume 62, Issue 12 (2019)
- Year:
- 2019
- Volume:
- 62
- Issue:
- 12
- Issue Sort Value:
- 2019-0062-0012-0000
- Page Start:
- 1777
- Page End:
- 1792
- Publication Date:
- 2019-08-15
- Subjects:
- Communication behavior portrait -- label -- proxy user detection -- portrait feature
Computers -- Periodicals
005.1 - Journal URLs:
- http://comjnl.oxfordjournals.org/ ↗
http://ukcatalogue.oup.com/ ↗ - DOI:
- 10.1093/comjnl/bxz065 ↗
- Languages:
- English
- ISSNs:
- 0010-4620
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.060000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 12542.xml