Computer Science ›› 2021, Vol. 48 ›› Issue (4): 325-332.doi: 10.11896/jsjkx.200900155

• Information Security • Previous Articles    

Classification of Application Type of Encrypted Traffic Based on Attention-CNN

CHEN Ming-hao, ZHU Yue-fei, LU Bin, ZHAI Yi, LI Ding   

  1. School of Cyberspace Security,Information Engineering University,Zhengzhou 450001,China
    State Key Laboratory of Mathematical Engineering and Advanced Computing,Zhengzhou 450001,China
  • Received:2020-06-24 Revised:2020-11-02 Online:2021-04-15 Published:2021-04-09
  • About author:CHEN Ming-hao,born in 1996,master.His main research interests include cyber security and encrypted traffic classification.(
    ZHU Yue-fei,born in 1962,professor,Ph.D,supervisor.His main research interests include intrusion detection,cryptography and information security.
  • Supported by:
    Cutting-edge Science and Technology Innovation Project of the Key R&D Program of China(2019QY1300).

Abstract: With the development of traffic encryption technology,encrypted traffic has gradually replaced non-encrypted traffic and become the most important part of the current network environment.While protecting users’ privacy,encrypted traffic is also used by malicious software to avoid the defense of traditional intrusion detection system based on the port or payload keywords of traffic,which brings serious threat to network security.In view of the limitations of conventional classification methods,resear-chers try to use artificial intelligence method to classify the application type of encrypted traffic,but the existing researches usually do not make full use of the characteristics of encrypted traffic,resulting in poor performance in the actual complex network environment.To solve the problems mentioned above,this paper proposes an encrypted traffic classification method based on Attention-CNN model.After the preliminary feature extraction of encrypted traffic,we use both BiLSTM+Attention and 1D-CNN model to compress and further extract the temporal and spatial features of encrypted traffic respectively.Finally,one fully connected neural network is used for the final classification based on the obtained mixed features.Experiments are carried out on the ISCXVPN2016 dataset which is the widely used open source dataset in encrypted traffic classification area.Experimental results show that the overall classification precision of the Attetnion-CNN could reach 98.7% and the F1 score is significantly improved compared with several existing studies.

Key words: 1D-CNN, Attention mechanism, BiLSTM, Cyber security, Encrypted traffic

CLC Number: 

  • TP309
[1]Google.Google Transparencyreport [R/OL].(2020-07)[2020-07-01].
[2]Cisco.Cisco Encrypted Traffic Analytics White Paper[R/OL].(2019-07)[2019-07-20].
[3]Radware (2018).Global application and network security report[EB/OL].https://www.datacomcz/userfifiles/radware_ert_report_2017_2018_fifinal.pdf.
[4]MADHUKAR A,WILLIAMSON C.A Longitudinal Study ofP2P Traffic Classification[C]//modeling,analysis,and simulation on computer and telecommunication systems.2006:179-188.
[5]REZAEI S,LIU X.Deep Learning for Encrypted Traffic Classification:An Overview[J].IEEE Communications Magazine,2019,57(5):76-81.
[6]LOPEZ-MARTIN M,CARRO B,SANCHEZ-ESGUEVILLASA,et al.Network Traffic Classifier With Convolutional and Recurrent Neural Networks for Internet of Things[J].IEEE Access,2017(99):18042-18050.
[7]CHEN Z,HE K,LI J,et al.Seq2Img:A sequence-to-imagebased approach towards IP traffic classification using convolutional neural networks[C]//International Conference on Big Data.2017:1271-1276.
[8]HOCHST J,BAUMGARTNER L,HOLLICK M,et al.Unsupervised Traffic Flow Classification Using a Neural Autoenco-der[C]//Local Computer Networks.2017:523-526.
[9]HU B,ZHOU Z H,LIAO L H,et al.TLS malicious traffic detection based on combined features of packet payload and stream fingerprints[J].Computer Engineering,2020,46(520):163-169.
[10]ZOU Y,ZHANG J,JIANG B.Detection of malicious encrypted traffic based on LSTM recurrent neural network[J].Computer Applications and Software,2020,37(2):308-312.
[11]GUO L,WU Q,LIU S,et al.Deep learning-based real-time VPN encrypted traffic identification methods[J].Journal of Real-Time Image Processing,2020,17(1):103-114.
[12]CHENG H,XIE J X,CHEN L H.CNN-based Encrypted C&C Communication Traffic Identification Method[J].Computer Engineering,2019,45(8):31-34,41.
[13]HWANG R H,PENG M C,NGUYEN V L,et al.An LSTM-Based Deep Learning Approach for Classifying Malicious Traffic at the Packet Level[J].Applied Sciences,2019,9(16):3414.
[14]REZAEI S,LIU X.How to Achieve High Classification Accuracy with Just a Few Labels:A Semi-supervised Approach Using Sampled Packets[J].arXiv:1812.09761,2020.
[15]VU L,BUI C T,NGUYEN Q U,et al.A Deep Learning Based Method for Handling Imbalanced Problem in Network Traffic Classification[C]//International Symposium on Information and Communication Technology.2017:333-339.
[16]LASHKARI A H,DRAPER-GIL G,MAMUN M S I,et al.Characterization of Encrypted and VPN Traffic Using Time-Related Features[C]//Proceedings of the 2nd International Conference on Information Systems Security and Privacy(ICISSP 2016).2016:407-414.
[17]LOTFOLLAHI M,SIAVOSHANI M J,ZADE R S,et al.Deep Packet:A Novel Approach For Encrypted Traffic Classification Using Deep Learning[J].Soft Computing,2020,24(3):1999-2012.
[18]ZHOU P,SHI W,TIAN J,et al.Attention-Based Bidirectional Long Short-Term Memory Networks for Relation Classification[C]//Proceedings of the 54th Annual Meeting of the Association for Computational Linguistics (Volume 2:Short Papers).2016.
[19]WANG W,ZHU M,ZENG X,et al.Malware traffic classifica-tion using convolutional neural network for representation learning[C]//International Conference on Information Networking.2017:712-717.
[20]WANG W,ZHU M,WANG J,et al.End-to-end encrypted traffic classification with one-dimensional convolution neural networks[C]//2017 IEEE International Conference on Intelligence and Security Informatics (ISI).IEEE,2017.
[1] RAO Zhi-shuang, JIA Zhen, ZHANG Fan, LI Tian-rui. Key-Value Relational Memory Networks for Question Answering over Knowledge Graph [J]. Computer Science, 2022, 49(9): 202-207.
[2] WANG Lei, LI Xiao-yu. LBS Mobile Privacy Protection Scheme Based on Random Onion Routing [J]. Computer Science, 2022, 49(9): 347-354.
[3] ZHOU Fang-quan, CHENG Wei-qing. Sequence Recommendation Based on Global Enhanced Graph Neural Network [J]. Computer Science, 2022, 49(9): 55-63.
[4] DAI Yu, XU Lin-feng. Cross-image Text Reading Method Based on Text Line Matching [J]. Computer Science, 2022, 49(9): 139-145.
[5] ZHOU Le-yuan, ZHANG Jian-hua, YUAN Tian-tian, CHEN Sheng-yong. Sequence-to-Sequence Chinese Continuous Sign Language Recognition and Translation with Multi- layer Attention Mechanism Fusion [J]. Computer Science, 2022, 49(9): 155-161.
[6] XIONG Li-qin, CAO Lei, LAI Jun, CHEN Xi-liang. Overview of Multi-agent Deep Reinforcement Learning Based on Value Factorization [J]. Computer Science, 2022, 49(9): 172-182.
[7] JIANG Meng-han, LI Shao-mei, ZHENG Hong-hao, ZHANG Jian-peng. Rumor Detection Model Based on Improved Position Embedding [J]. Computer Science, 2022, 49(8): 330-335.
[8] WANG Ming, PENG Jian, HUANG Fei-hu. Multi-time Scale Spatial-Temporal Graph Neural Network for Traffic Flow Prediction [J]. Computer Science, 2022, 49(8): 40-48.
[9] ZHU Cheng-zhang, HUANG Jia-er, XIAO Ya-long, WANG Han, ZOU Bei-ji. Deep Hash Retrieval Algorithm for Medical Images Based on Attention Mechanism [J]. Computer Science, 2022, 49(8): 113-119.
[10] SUN Qi, JI Gen-lin, ZHANG Jie. Non-local Attention Based Generative Adversarial Network for Video Abnormal Event Detection [J]. Computer Science, 2022, 49(8): 172-177.
[11] YAN Jia-dan, JIA Cai-yan. Text Classification Method Based on Information Fusion of Dual-graph Neural Network [J]. Computer Science, 2022, 49(8): 230-236.
[12] ZHANG Ying-tao, ZHANG Jie, ZHANG Rui, ZHANG Wen-qiang. Photorealistic Style Transfer Guided by Global Information [J]. Computer Science, 2022, 49(7): 100-105.
[13] ZENG Zhi-xian, CAO Jian-jun, WENG Nian-feng, JIANG Guo-quan, XU Bin. Fine-grained Semantic Association Video-Text Cross-modal Entity Resolution Based on Attention Mechanism [J]. Computer Science, 2022, 49(7): 106-112.
[14] XU Ming-ke, ZHANG Fan. Head Fusion:A Method to Improve Accuracy and Robustness of Speech Emotion Recognition [J]. Computer Science, 2022, 49(7): 132-141.
[15] MENG Yue-bo, MU Si-rong, LIU Guang-hui, XU Sheng-jun, HAN Jiu-qiang. Person Re-identification Method Based on GoogLeNet-GMP Based on Vector Attention Mechanism [J]. Computer Science, 2022, 49(7): 142-147.
Full text



No Suggested Reading articles found!