Computer Science

Computer Science ›› 2024, Vol. 51 ›› Issue (8): 396-402.doi: 10.11896/jsjkx.230500032

• Information Security • Previous Articles     Next Articles

Encrypted Traffic Classification of CNN and BiGRU Based on Self-attention

CHEN Siyu1, MA Hailong2, ZHANG Jianhui3   

  1. 1 School of Cyber Science and Engineering,Zhengzhou University,Zhengzhou 450001,China
    2 Institute of Information Technology,PLA Information Engineering University,Zhengzhou 450001,China
    3 Songshan Laboratory,Zhengzhou 450001,China
  • Received:2023-05-06 Revised:2023-08-31 Online:2024-08-15 Published:2024-08-13
  • About author:CHEN Siyu,born in 2000,master.Her main research interests include cyber security and encrypted traffic classification.
    MA Hailong,born in 1980,Ph.D,professor,Ph.D supervisor.His main research interests include endogenous security in cyberspace,intelligent awareness of cyber threats,and innovative cyber systems.
  • Supported by:
    National Key Research and Development Program of China(2022YFB2901403) and Major Scientific and Technological Project in Henan Province(221100210900-01).

PDF (PC)

401

Abstract: To address the problems of low accuracy of traditional encrypted traffic classification methods,the use of traffic load will violate user privacy and weak generalization ability,an encrypted traffic classification method of CNN and BiGRU based on self-attention(CNN-AttBiGRU) is proposed,which can be applied to both regular encrypted and VPN and Tor encrypted traffic.The method converts traffic into intuitive pictures based on packet size,packet arrival time and packet arrival direction.To improve the accuracy of the model,CNN is used to extract the spatial features of traffic pictures,while BiGRU and self-attention models are designed to extract temporal features,making full use of the temporal and spatial features of traffic pictures.The traffic can be classified at different levels by traffic category,encryption technique and application type.The proposed method achieves an average accuracy of 95.2% for classification of encrypted traffic categories,which is 11.65% better than before;95.5% for classification of encryption technologies,which is 7.1% better than before;and 99.8% for classification of applications used by traffic,which is 11.03% better than before.Experimental results show that the CNN-AttBiGRU method has strong ge-neralization ability and only utilizes some statistical features of encrypted traffic,which effectively protects user privacy while achieving high accuracy rates.

Key words: Encrypted traffic classification, Deep learning, CNN, BiGRU, Self-attention

CLC Number: 

  • TP309
[1]WANG Z,FOK K W,THING V L L.Machine learning for encrypted malicious traffic detection:Approaches,datasets and comparative study[J].Computers & Security,2022,113:102542.
[2]REZAEI S,LIU X.Deep learning for encrypted traffic classification:An overview[J].IEEE Communications Magazine,2019,57(5):76-81.
[3]ZENG Y,GU H,WEI W,et al.Deep-Full-Range:a deep lear-ning based network encrypted traffic classification and intrusion detection framework[J].IEEE Access,2019,7:45182-45190.
[4]DRAPER-GIL G,LASHKARI A H,MAMUN M S I,et al.Characterization of encrypted and vpn traffic using time-related[C]//Proceedings of the 2nd International Conference on Information Systems Security and Privacy(ICISSP).2016:407-414.
[5]LASHKARI A H,DRAPER-GIL G,MAMUN M S I,et al.Characterization of tor traffic using time based features[C]//ICISSP.2017:253-262.
[6]WANG Y,ZHOU W Y,FENG H,et al.A deep convolutional neural network-based approach for network traffic classification[J].Journal on Communications,201839(1):14-23.
[7]CHENG J,WU Y,E Y P,et al.MATEC:A lightweight neural network for online encrypted traffic classification[J].Computer Networks,2021,199:108472.
[8]ACETO G,CIUONZO D,MONTIERI A,et al.Mobile encryp-ted traffic classification using deep learning:Experimental evaluation,lessons learned,and challenges[J].IEEE Transactions on Network and Service Management,2019,16(2):445-458.
[9]LIU C,HE L,XIONG G,et al.Fs-net:A flow sequence network for encrypted traffic classification[C]//IEEE INFOCOM 2019-IEEE Conference on Computer Communications.IEEE,2019:1171-1179.
[10]HE Y,LI W.Image-based encrypted traffic classification with convolution neural networks[C]//2020 IEEE Fifth Interna-tional Conference on Data Science in Cyberspace(DSC).IEEE,2020:271-278.
[11]ZHANG S L,CHENG G,ZHANG W C.An improved deep convolutional neural network-based method for network traffic classification[J].Chinese Science:Information Science,2021,51(1):56-74.
[12]LOTFOLLAHI M,JAFARI SIAVOSHANI M,SHIRALIHOSSEIN ZADE R,et al.Deep packet:A novel approach for encrypted traffic classification using deep learning[J].Soft Computing,2020,24(3):1999-2012.
[13]XIE J N,MA C H,LI Z Y,et al.An encrypted traffic classification method based on convolutional neural networks[J].Journal of Network and Information Security,2022,8(6):84-91.
[14]SHAPIRA T,SHAVITT Y.FlowPic:A generic representation for encrypted traffic classification and applications identification[J].IEEE Transactions on Network and Service Management,2021,18(2):1218-1232.
[15]GUO L,WU Q,LIU S,et al.Deep learning-based real-time VPN encrypted traffic identification methods[J].Journal of Real-Time Image Processing,2020,17:103-114.
[16]DODIA P,ALSABAH M,ALRAWI O,et al.Exposing the Rat in the Tunnel:Using Traffic Analysis for Tor-based Malware Detection[C]//Proceedings of the 2022 ACM SIGSACConfe-rence on Computer and Communications Security.2022:875-889.
[17]CHEN M H,ZHU Y F,LU B,et al.Attention-CNN-based application type identification for encrypted traffic[J].Computer Science,2021,48(4):325-332.
[18]KRIZHEVSKY A,SUTSKEVER I,HINTON G E.Imagenetclassification with deep convolutional neural networks[J].Communications of the ACM,2017,60(6):84-90.
[19]YAO H,LIU C,ZHANG P,et al.Identification of encryptedtraffic through attention mechanism based long short term memory[J].IEEE Transactions on Big Data,2019,8(1):241-252.
[20]LIU X,YOU J,WU Y,et al.Attention-based bidirectional GRU networks for efficient HTTPS traffic classification[J].Information Sciences,2020,541:297-315.
[21]KINGMA D P,BA J.Adam:A method for stochastic optimization[J].arXiv:1412.6980,2014.
[1] XIAO Xiao, BAI Zhengyao, LI Zekai, LIU Xuheng, DU Jiajin. Parallel Multi-scale with Attention Mechanism for Point Cloud Upsampling [J]. Computer Science, 2024, 51(8): 183-191.
[2] ZHANG Junsan, CHENG Ming, SHEN Xiuxuan, LIU Yuxue, WANG Leiquan. Diversified Label Matrix Based Medical Image Report Generation [J]. Computer Science, 2024, 51(8): 200-208.
[3] GUO Fangyuan, JI Genlin. Video Anomaly Detection Method Based on Dual Discriminators and Pseudo Video Generation [J]. Computer Science, 2024, 51(8): 217-223.
[4] SUN Yumo, LI Xinhang, ZHAO Wenjie, ZHU Li, LIANG Ya’nan. Driving Towards Intelligent Future:The Application of Deep Learning in Rail Transit Innovation [J]. Computer Science, 2024, 51(8): 1-10.
[5] KONG Lingchao, LIU Guozhu. Review of Outlier Detection Algorithms [J]. Computer Science, 2024, 51(8): 20-33.
[6] TANG Ruiqi, XIAO Ting, CHI Ziqiu, WANG Zhe. Few-shot Image Classification Based on Pseudo-label Dependence Enhancement and NoiseInterferenceReduction [J]. Computer Science, 2024, 51(8): 152-159.
[7] SHI Dianxi, GAO Yunqi, SONG Linna, LIU Zhe, ZHOU Chenlei, CHEN Ying. Deep-Init:Non Joint Initialization Method for Visual Inertial Odometry Based on Deep Learning [J]. Computer Science, 2024, 51(7): 327-336.
[8] FAN Yi, HU Tao, YI Peng. Host Anomaly Detection Framework Based on Multifaceted Information Fusion of SemanticFeatures for System Calls [J]. Computer Science, 2024, 51(7): 380-388.
[9] GAN Run, WEI Xianglin, WANG Chao, WANG Bin, WANG Min, FAN Jianhua. Backdoor Attack Method in Autoencoder End-to-End Communication System [J]. Computer Science, 2024, 51(7): 413-421.
[10] YANG Heng, LIU Qinrang, FAN Wang, PEI Xue, WEI Shuai, WANG Xuan. Study on Deep Learning Automatic Scheduling Optimization Based on Feature Importance [J]. Computer Science, 2024, 51(7): 22-28.
[11] LI Jiaying, LIANG Yudong, LI Shaoji, ZHANG Kunpeng, ZHANG Chao. Study on Algorithm of Depth Image Super-resolution Guided by High-frequency Information ofColor Images [J]. Computer Science, 2024, 51(7): 197-205.
[12] WANG Yingjie, ZHANG Chengye, BAI Fengbo, WANG Zumin. Named Entity Recognition Approach of Judicial Documents Based on Transformer [J]. Computer Science, 2024, 51(6A): 230500164-9.
[13] LIANG Fang, XU Xuyao, ZHAO Kailong, ZHAO Xuanfeng, ZHANG Guijun. Remote Template Detection Algorithm and Its Application in Protein Structure Prediction [J]. Computer Science, 2024, 51(6A): 230600225-7.
[14] PENG Bo, LI Yaodong, GONG Xianfu, LI Hao. Method for Entity Relation Extraction Based on Heterogeneous Graph Neural Networks and TextSemantic Enhancement [J]. Computer Science, 2024, 51(6A): 230700071-5.
[15] ZHANG Tianchi, LIU Yuxuan. Research Progress of Underwater Image Processing Based on Deep Learning [J]. Computer Science, 2024, 51(6A): 230400107-12.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.