research-article

End-to-end encrypted traffic classification with one-dimensional convolution neural networks

Authors:

Zhongzhen YangAuthors Info & Claims

2017 IEEE International Conference on Intelligence and Security Informatics (ISI)

Pages 43 - 48

https://doi.org/10.1109/ISI.2017.8004872

Published: 22 July 2017 Publication History

Abstract

Traffic classification plays an important and basic role in network management and cyberspace security. With the widespread use of encryption techniques in network applications, encrypted traffic has recently become a great challenge for the traditional traffic classification methods. In this paper we proposed an end-to-end encrypted traffic classification method with one-dimensional convolution neural networks. This method integrates feature extraction, feature selection and classifier into a unified end-to-end framework, intending to automatically learning nonlinear relationship between raw input and expected output. To the best of our knowledge, it is the first time to apply an end-to-end method to the encrypted traffic classification domain. The method is validated with the public ISCX VPN-nonVPN traffic dataset. Among all of the four experiments, with the best traffic representation and the fine-tuned model, 11 of 12 evaluation metrics of the experiment results outperform the state-of-the-art method, which indicates the effectiveness of the proposed method.

References

[1]

Z. Cao, G. Xiong, Y. Zhao, Z. Li and L. Guo, “A survey on encrypted traffic classification” in Applications and Techniques in Information Security, Springer, pp. 73–81, 2014.

[2]

P. Velan, M. Cermak, P. Celeda and M. Drasar, “A survey of methods for encrypted traffic classification and analysis”, International Journal of Network Management, vol. 25, no. 5, pp. 355–374, 2015.

Digital Library

[3]

G. Draper-Gil, A. H. Lashkari, M. S. I. Mamun and A. A. Ghorbani, “Characterization of encrypted and VPN traffic using time-related features”, In Proceedings of the 2nd International Conference on Information Systems Security and Privacy(lCISSP), pp. 407–414, 2016.

[4]

X. Che, B. Ip and L. Lin, “A Survey of Current YouTube Video Characteristics,” in IEEE MultiMedia, vol. 22, no. 2, pp. 56–63, Apr.-June 2015.

Digital Library

[5]

E. Biersack, C. Callegari and M. Matijasevic, Data traffic monitoring and analysis. Berlin: Springer, 2013.

[6]

W. Wang, X. Zeng, X. Ye, Y. Sheng and M. Zhu, “Malware Traffic Classification Using Convolutional Neural Networks for Representation Learning” in the 31st International Conference on Information Networking (lCOIN), Accepted, 2017.

[7]

T. H. Cormen, C. E. Leiserson, R. L. Rivest and C. Stein, Introductions to Algorithms, London, pp. 65–113, 2009.

[8]

Y. LeCun, L. Bottou, Y. Bengio, P. Haffner, “Gradient-Based Learning Applied to Document Recognition”, Proc. IEEE, vol. 86, no. 11, pp. 2278–2324, Nov. 1998.

[9]

G. E. Dahl T. N. Sainath and G. E. Hinton “Improving Deep Neural Networks for LVCSR Using Rectified Linear Units and Dropout” in Proc. ICASSP, 2013.

[10]

ISCX VPN-nonVPN encrypted network traffic dataset. http://www.unb.ca/cic/research/datasets/vpn.html, 2017.

[11]

D. Wang, L. Zhang, Z. Yuan, Y. Xue and Y. Dong, “Characterizing application behaviors for classifying p2p traffic”, Computing Networking and Communications (lCNC) 2014 International Conference on. IEEE, pp. 21–25, 2014.

[12]

S. E. Coull and K. P. Dyer, “Traffic analysis of encrypted messaging services: Apple iMessage and beyond”, ACM SIGCOMM Comput. Commun. Rev., pp. 5–11, 2014.

[13]

M. D. Mauro and M. Longo, “Revealing encrypted WebRTC traffic via machine learning tools”, SECRYPT 2015 - Proceedings of the 12th International Conference on Security and Cryptography, pp. 259–266, 20-22 July, 2015.

[14]

V. Aghaei-Foroushani and A. Zincir-Heywood, “A proxy identifier based on patterns in traffic flows,” in HASE, Jan 2015.

[15]

Z. Wang, “The Applications of Deep Learning on Traffic Identification” https:goo.gl/WouIM6. 2015.

[16]

N Gao, L Gao, Q Gao, “An Intrusion Detection Model Based on Deep Belief Networks”, Advanced Cloud and Big Data (CBD) 2014 Second International Conference on, pp. 247–252, 2014.

[17]

A. Javaid, Q. Niyaz, W. Sun and M. Alam. “A Deep Learning Approach for Network Intrusion Detection System” in Proc.9th EAI International Conference on Bio-inspired Information and Communications Technologies. New York, 2016.

[18]

A. Dainotti, A. Pescape and K. Claffy, “Issues and future directions in traffic classification”, Network IEEE, vol. 26, no. 1, pp. 35–40, 2012.

Digital Library

[19]

J. Gu, Z. Wang, J. Kuen, L. Ma, A. Shahroudy and B. Shuai, “Recent Advances in Convolutional Neural Networks”, arXiv preprint arXiv:, 2017.

[20]

Y. LeCun, Y. Bengio and G. Hinton, “Deep learning”, Nature, vol. 521, pp. 436–444, May 2015.

[21]

Y. Kim, “Convolutional Neural Networks for Sentence Classification”, Proc. Empirical Methods Natural Language Processing, pp. 1746–1751, 2014.

[22]

X. Zhang and Y. LeCun, “Text understanding from scratch”, arXiv preprint arXiv:, 2016.

[23]

V. Nair and G.E. Hinton, “Rectified Linear Units Improve Restricted Boltzmann Machines”, Proc. Int'l Conf. Machine Learning, 2010.

[24]

R. Collobert, J. Weston, L. Bottou, M. Karlen, K. Kavukcuoglu and P. Kuksa, “Natural Language Processing (almost) from Scratch”, J. Machine Learning Research, vol. 12, pp. 2493–2537, 2011.

Digital Library

[25]

M. Abadi, A. Agarwal, P. Barham, E. Brevdo, Z. Chen, C. Citro et al., “Tensor-Flow: Large-Scale Machine Learning on Heterogeneous Distributed Systems”, arXiv preprint arXiv:, 2016.

Cited By

Zhang Y(2024)A Multi-Scale Temporal Feature Extraction Approach for Network Traffic Anomaly DetectionInternational Journal of Information Security and Privacy10.4018/IJISP.35488418:1(1-20)Online publication date: 9-Aug-2024
https://dl.acm.org/doi/10.4018/IJISP.354884
Han XXu GZhang MYang ZYu ZHuang WMeng C(2024)DE-GNNComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2024.110372245:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.comnet.2024.110372
Le SLai YWang YHe H(2024)An adaptive classification and updating method for unknown network traffic in open environmentsComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2023.110114238:COnline publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1016/j.comnet.2023.110114
Show More Cited By

Index Terms

End-to-end encrypted traffic classification with one-dimensional convolution neural networks

Index terms have been assigned to the content through auto-classification.

Recommendations

An end-to-end QoS framework with on-demand bandwidth reconfiguration

This paper proposes a new QoS framework, called the On-Demand QoS Path framework (ODP). It provides end-to-end QoS guarantees to individual flows with minimal overhead, while keeping the scalability characteristic of DiffServ. ODP exercises per-flow ...
Proportional differentiated services for end-to-end traffic control
ICCNMC'05: Proceedings of the Third international conference on Networking and Mobile Computing

Due to multiple performance objectives of network traffic control, corresponding packet scheduling strategy in next generation broadband service convergence network attract more and more attention. At the same time, the end-to-end Quality of Service (...
End-to-End QoS Guarantees Over Diffserv Networks
ISCC '01: Proceedings of the Sixth IEEE Symposium on Computers and Communications

Abstract: The Integrated services (Intserv) architecture provides the Internet the ability of delivering End-to-End QoS to applications over heterogeneous networks. Existing approaches for providing Intserv require routers to manage per flow states and ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

2017 IEEE International Conference on Intelligence and Security Informatics (ISI)

Jul 2017

207 pages

Copyright © 2017.

Publisher

IEEE Press

Publication History

Published: 22 July 2017

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

48
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 28 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zhang Y(2024)A Multi-Scale Temporal Feature Extraction Approach for Network Traffic Anomaly DetectionInternational Journal of Information Security and Privacy10.4018/IJISP.35488418:1(1-20)Online publication date: 9-Aug-2024
https://dl.acm.org/doi/10.4018/IJISP.354884
Han XXu GZhang MYang ZYu ZHuang WMeng C(2024)DE-GNNComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2024.110372245:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.comnet.2024.110372
Le SLai YWang YHe H(2024)An adaptive classification and updating method for unknown network traffic in open environmentsComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2023.110114238:COnline publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1016/j.comnet.2023.110114
Li YChen XTang WZhu YHan ZYue Y(2024)Interaction mattersApplied Soft Computing10.1016/j.asoc.2024.111423155:COnline publication date: 1-Apr-2024
https://dl.acm.org/doi/10.1016/j.asoc.2024.111423
Mo LQi XLiu L(2024)Network traffic grant classification based on 1DCNN-TCN-GRU hybrid modelApplied Intelligence10.1007/s10489-024-05375-454:6(4834-4847)Online publication date: 1-Mar-2024
https://dl.acm.org/doi/10.1007/s10489-024-05375-4
Hu ZQu BLi XLi C(2024)An Encrypted Traffic Classification Framework Based on Higher-Interaction-Graph Neural NetworkInformation Security and Privacy10.1007/978-981-97-5101-3_21(383-403)Online publication date: 15-Jul-2024
https://dl.acm.org/doi/10.1007/978-981-97-5101-3_21
Tang JChen MChen HZhao SHuang Y(2023)A new dynamic security defense system based on TCP_REPAIR and deep learningJournal of Cloud Computing: Advances, Systems and Applications10.1186/s13677-022-00379-212:1Online publication date: 14-Feb-2023
https://dl.acm.org/doi/10.1186/s13677-022-00379-2
Wang ZLi MOu HPang SYue Z(2023)A Few-Shot Malicious Encrypted Traffic Detection Approach Based on Model-Agnostic Meta-LearningSecurity and Communication Networks10.1155/2023/36298312023Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.1155/2023/3629831
Hoang NDuong CVu MNguyen HTran XTong VTran H(2023)A New Transfer Learning-Based Traffic Classification Algorithm for a Multi-Domain SDN NetworkProceedings of the 12th International Symposium on Information and Communication Technology10.1145/3628797.3628804(235-242)Online publication date: 7-Dec-2023
https://dl.acm.org/doi/10.1145/3628797.3628804
Hamidouche MPopko EOuni B(2023)Enhancing IoT Security via Automatic Network Traffic Analysis: The Transition from Machine Learning to Deep LearningProceedings of the 13th International Conference on the Internet of Things10.1145/3627050.3627053(105-112)Online publication date: 7-Nov-2023
https://dl.acm.org/doi/10.1145/3627050.3627053
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents