基於完全合格域名之邊緣網路封包分類器

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：85

、訪客IP：3.144.17.45

姓名

黃啟澤(Qi-Ze Huang) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

基於完全合格域名之邊緣網路封包分類器
(FQDN-based Packet Classifier on Edge Networks)

相關論文

★ 無線行動隨意網路上穩定品質服務路由機制之研究	★ 應用多重移動式代理人之網路管理系統
★ 應用移動式代理人之網路協同防衛系統	★ 鏈路狀態資訊不確定下QoS路由之研究
★ 以訊務觀察法改善光突發交換技術之路徑建立效能	★ 感測網路與競局理論應用於舒適性空調之研究
★ 以搜尋樹為基礎之無線感測網路繞徑演算法	★ 基於無線感測網路之行動裝置輕型定位系統
★ 多媒體導覽玩具車	★ 以Smart Floor為基礎之導覽玩具車
★ 行動社群網路服務管理系統－應用於發展遲緩兒家庭	★ 具位置感知之穿戴式行動廣告系統
★ 調適性車載廣播	★ 車載網路上具預警能力之車輛碰撞避免機制
★ 應用於無線車載網路上之合作式交通資訊傳播機制以改善車輛擁塞	★ 智慧都市中應用車載網路以改善壅塞之調適性虛擬交通號誌

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 ( 永不開放)

摘要(中)

近年來，邊緣運算的概念逐漸萌芽，由於眾多的物聯網裝置接入廣域網路中，雖然單點裝置運算能力薄弱，但由於數量龐大，綜觀而言是一群不容小覷的邊緣網路運算節點。然而，由於愈來愈多種類的裝置和新的網路協定出現於廣域網路中，訊務分類的難度也愈來愈高，許多研究嘗試使用深度封包檢測、機器學習或網域名稱（DNS）萃取的方式，多數對於內容加密封包之分類效果有限，且無法直接實際部署於真實網路環境中。
　　本論文提出之FIPAC封包分類機制，從邊緣網路著手，相較於核心網路，能獲取更多完全合格域名（FQDN）之資訊，配合維基百科和自治系統號碼來分類域名，並透過封包各層資訊追蹤連線，藉此達到自動分類和快速推斷的效果。和其他種分類器相比而言，FIPAC機制更人性化、運算資源需求更少、分類效率更高，也更能維護使用者隱私。有了FIPAC機制，網路維運人員不需要擔心分類機制占用過多運算資源，能夠直接專注在分類結果的運用上，如不同應用程式QoS的控管。
　　本論文也使用了軟體路由器，將FIPAC機制部署在邊緣網路中，和市售邊緣網路路由器以及其他種分類器作比較，以實際驗證FIPAC機制的效能和部署的靈活性。

摘要(英)

In recent years, the concept of edge computing comes up. Due to the access of many IoT devices to wide-area networks, although the computing power of single node is weak, it offers great possibility when they are grouped. However, as more and more devices and new network protocols appear in the WAN, traffic classification becomes more and more difficult. Many researches attempt to use deep packet inspection, machine learning or domain name system (DNS), which are insufficient for encrypted packages and cannot be directly deployed in real network environments.
The FIPAC packet classification mechanism proposed in this paper are intentionally deployed on edge networks for the reason that more fully qualified domain names (FQDNs) are obtained more easily in comparison to core networks. Then, the FQDN can be classified with effective labels fetched from Wikipedia entries and autonomous system number. This is how FIPAC achieves automatic classification and fast inference. Compared with other classifiers, the FIPAC mechanism is more user-friendly and efficient, also, requires less computing resources and respects users’ privacy. With FIPAC, network operators do not need to worry about exhausted computing resources taken by packet classifiers. They can focus on the utilization of classification results, such as QoS control on distinct applications.
In this paper, we deploy FIPAC on software router on real edge networks. Compared with commercially available embedded edge routers and other types of classifiers, we verify that FIPAC takes advantages in performance and flexibility.

關鍵字(中)

★ 即時封包分類器
★ 完全合格域名
★ 網域名稱系統
★ 軟體路由器
★ 機器學習
★ 深度封包檢測

關鍵字(英)

★ Real-time Packet Classifier
★ FQDN
★ DNS
★ Software Router
★ Machine Learning
★ Deep Packet Inspection

論文目次

第一章緒論 1
1.1 概要 1
1.2 研究動機 2
1.3 研究目的 2
1.4 論文架構 3
第二章背景知識與相關研究 4
2.1 封包分類器相關技術 4
2.1.1 基於網路通訊埠之分類器（Port-based Classifier） 4
2.1.2 基於深度封包檢測之分類器（DPI-based Classifier） 5
2.1.3 基於機器學習之分類器（ML-based Classifier） 10
2.1.4 基於網域名稱系統之分類器（DNS-based Classifier） 14
2.2 邊緣運算 16
2.3 相關文獻比較 18
2.3.1 是否能自動產生測試流量 18
2.3.2 需要安裝代理軟體與否 18
2.3.3 服務質量（QoS）之控制 19
2.3.4 封包鏡像 19
2.3.5 分類模型預先訓練 19
第三章研究方法 21
3.1 系統架構與設計 21
3.1.1 Router Function各模組 22
3.1.2 Databases 24
3.1.3 SQLite3 API模組 25
3.1.4 FIPAC Parsing Stage各模組 25
3.1.5 FIPAC Classification Stage各模組 28
3.1.6 FIPAC Redirection Stage各模組 30
3.2 系統運作流程與機制 30
3.2.1 系統假設與定義 30
3.2.2 資料符號表 32
3.2.3 FIPAC運作流程 34
3.3 系統實作 47
第四章實驗與討論 50
4.1 情境一：FIPAC機制之效能量測 50
4.1.1 實驗一：邊緣路由器效能量測（單個客戶端裝置） 50
4.1.2 實驗二：邊緣路由器效能量測（五十個客戶端） 53
4.2 情境二：FIPAC機制之功能驗證 54
4.2.1 實驗三：邊緣路由器線上部署FIPAC機制 54
4.2.2 實驗四：網頁服務辨識 55
4.2.3 實驗五：熱門應用程式辨識 58
4.2.4 實驗六：作業系統相關服務辨識 60
4.2.5 實驗七：非熱門服務辨識 61
4.3 情境三：服務質量控制（QoS） 63
4.3.1 實驗八：Youtube服務質量控制 63
4.3.2 實驗九：惡意廣告網域封鎖 64
第五章結論與未來研究方向 67
5.1 結論 67
5.2 研究限制 67
5.3 未來方向 68
5.3.1 P4交換器 68
5.3.2 IPv6 68
5.3.3 使用者隱私 69
參考文獻 70

參考文獻

[1] L. Deri, M. Martinelli, T. Bujlow, and A. Cardigliano, "nDPI: Open-source high-speed deep packet inspection," in 2014 International Wireless Communications and Mobile Computing Conference (IWCMC), 2014, pp. 617-622.
[2] T. Karagiannis, K. Papagiannaki, and M. Faloutsos, "BLINC: multilevel traffic classification in the dark," presented at the Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications, Philadelphia, Pennsylvania, USA, 2005.
[3] L. Bernaille, R. Teixeira, I. Akodkenou, A. Soule, and K. Salamatian, "Traffic classification on the fly," SIGCOMM Comput. Commun. Rev., vol. 36, no. 2, pp. 23-26, 2006.
[4] F. Constantinou and P. Mavrommatis, "Identifying Known and Unknown Peer-to-Peer Traffic," in Fifth IEEE International Symposium on Network Computing and Applications (NCA′06), 2006, pp. 93-102.
[5] C. Xu, S. Chen, J. Su, S. Yiu, and L. C. Hui, "A Survey on Regular Expression Matching for Deep Packet Inspection: Applications, Algorithms, and Hardware Platforms," IEEE Communications Surveys and Tutorials, vol. 18, no. 4, pp. 2991-3029, 2016.
[6] S. Alcock and R. Nelson, Libprotoident: Traffic Classification Using Lightweight Packet Inspection. 2012.
[7] T. Bujlow, V. Carela-Espanol, and P. Barlet-Ros, "Independent comparison of popular DPI tools for traffic classification," Computer Networks, vol. 76, pp. 75-89, 2015.

[8] T. Bujlow and V. Carela-Espanol, "Comparison of Deep Packet Inspection (DPI) Tools for Traffic Classification," 2013.
[9] M. Finsterbusch, C. Richter, E. Rocha, J.-A. Muller, and K. Hanssgen, "A survey of payload-based traffic classification approaches," IEEE Communications Surveys & Tutorials, vol. 16, no. 2, pp. 1135-1156, 2014.
[10] J. Khalife, "Novel approaches in traffic classification," 2016.
[11] S. Jeong, D. Lee, J. Hyun, J. Li, and J. W. K. Hong, "Application-aware traffic engineering in software-defined network," in 2017 19th Asia-Pacific Network Operations and Management Symposium (APNOMS), 2017, pp. 315-318.
[12] 張芸甄, "基於P4-Switch 的深度封包檢測及流量動態服務品質保證," 碩士, 網路工程研究所, 國立交通大學, 新竹市, 2017.
[13] KDD Cup 1999. Available: http://kdd.ics.uci.edu/databases/kddcup99/
[14] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, "A detailed analysis of the KDD CUP 99 data set," in Computational Intelligence for Security and Defense Applications, 2009. CISDA 2009. IEEE Symposium on, 2009, pp. 1-6: IEEE.
[15] The CAIADA Anonymized Internet Traces Dataset. Available: http://www.caida.org/data/passive/passive_dataset.xml
[16] T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, and M. Ghogho, "Deep learning approach for network intrusion detection in software defined networking," in Wireless Networks and Mobile Communications (WINCOM), 2016 International Conference on, 2016, pp. 258-263: IEEE.
[17] N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi, "A deep learning approach to network intrusion detection," IEEE Transactions on Emerging Topics in Computational Intelligence, vol. 2, no. 1, pp. 41-50, 2018.
[18] 張鈺, "基於SVM之訊務分類機制及其於SDN網路之應用," 碩士, 軟體工程研究所, 國立中央大學, 桃園縣, 2016.
[19] L. M. Nair and G. Sajeev, "Internet traffic classification by aggregating correlated decision tree classifier," in Computational Intelligence, Modelling and Simulation (CIMSim), 2015 Seventh International Conference on, 2015, pp. 135-140: IEEE.
[20] Y. Ding, "A method of imbalanced traffic classification based on ensemble learning," in Signal Processing, Communications and Computing (ICSPCC), 2015 IEEE International Conference on, 2015, pp. 1-4: IEEE.
[21] F. Ghofrani, A. Jamshidi, and A. Keshavarz-Haddad, "Internet traffic classification using Hidden Naive Bayes model," in Electrical Engineering (ICEE), 2015 23rd Iranian Conference on, 2015, pp. 235-240: IEEE.
[22] F. Ghofrani, A. Keshavarz-Haddad, and A. Jamshidi, "Internet traffic classification using multiple classifiers," in Information and Knowledge Technology (IKT), 2015 7th Conference on, 2015, pp. 1-5: IEEE.
[23] 周?松, "基於統計特徵之應用程式辨識系統研製," 碩士, 通訊工程研究所, 國立清華大學, 新竹市, 2015.
[24] N.-F. Huang, C.-C. Li, C.-H. Li, C.-C. Chen, C.-H. Chen, and I.-H. Hsu, "Application identification system for SDN QoS based on machine learning and DNS responses," in Network Operations and Management Symposium (APNOMS), 2017 19th Asia-Pacific, 2017, pp. 407-410: IEEE.
[25] U. Trivedi and M. Patel, "A fully automated deep packet inspection verification system with machine learning," in 2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), 2016, pp. 1-6.
[26] Active DNS Project. Available: https://www.activednsproject.org/
[27] OpenINTEL. Available: https://www.openintel.nl/
[28] M. Trevisan, I. Drago, M. Mellia, and M. M. Munafo, "Towards web service classification using addresses and DNS," in Wireless Communications and Mobile Computing Conference (IWCMC), 2016 International, 2016, pp. 38-43: IEEE.
[29] A. Tongaonkar, R. Torres, M. Iliofotou, R. Keralapura, and A. Nucci, "Towards self adaptive network traffic classification," Computer Communications, vol. 56, pp. 35-46, 2015.
[30] P. Foremski, C. Callegari, and M. Pagano, "DNS?Class: immediate classification of IP flows using DNS," International Journal of Network Management, vol. 24, no. 4, pp. 272-288, 2014.
[31] I. N. Bermudez, M. Mellia, M. M. Munafo, R. Keralapura, and A. Nucci, "DNS to the rescue: discerning content and services in a tangled web," in Proceedings of the 2012 Internet Measurement Conference, 2012, pp. 413-426: ACM.
[32] T. Mori, T. Inoue, A. Shimoda, K. Sato, K. Ishibashi, and S. Goto, "SFMap: Inferring services over encrypted web flows using dynamical domain name graphs," in International Workshop on Traffic Monitoring and Analysis, 2015, pp. 126-139: Springer.
[33] G. ETSI, "Network functions virtualisation (nfv): Architectural framework," ETsI Gs NFV, vol. 2, no. 2, p. V1, 2013.
[34] ETSI Multi-access Edge Computing. Available: https://www.etsi.org/technologies-clusters/technologies/multi-access-edge-computing
[35] Micro-operator concept for boosting local service delivery. Available: http://www.oulu.fi/oulubusinessschool/node/41297

[36] OSI Model.
Available: https://zh.wikipedia.org/wiki/OSI%E6%A8%A1%E5%9E%8B
[37] Internet protocol suite (TCP/IP Model).
Available: https://en.wikipedia.org/wiki/Internet_protocol_suite
[38] K. R. James Kurose, Computer networks: a top-down approach 7th Global ed. Pearson, 2016.
[39] Advertisement list. Available: https://pgl.yoyo.org/adservers/
[40] P. Bosshart et al., "P4: Programming protocol-independent packet processors," ACM SIGCOMM Computer Communication Review, vol. 44, no. 3, pp. 87-95, 2014.

指導教授

周立德(Li-Der Chou)

審核日期

2018-8-23

推文