Computer Science

Computer Science ›› 2024, Vol. 51 ›› Issue (10): 399-407.doi: 10.11896/jsjkx.230900103

• Information Security • Previous Articles     Next Articles

Identification of Mobile Service Type of Encrypted Traffic Based on Fusion of Inception andSE-Attention

WANG Yijing1, WANG Qingxian1, DING Dazhao2, YAN Tingju1, CAO Yan1   

  1. 1 School of Cyber Science and Engineering,Zhengzhou University,Zhengzhou 450002,China
    2 Songshan Laboratory,Zhengzhou 450000,China
  • Received:2023-09-18 Revised:2024-03-11 Online:2024-10-15 Published:2024-10-11
  • About author:WANG Yijing,born in 1999,postgra-duate.Her main research interests include wireless network security and encrypted traffic classification.
    CAO Yan,born in 1983,Ph.D,is a member of CCF(No.17447M).His main research interests include network and system security and vulnerability discovery.
  • Supported by:
    National Natural Science Foundation of China(61871404),Science and Technology Project of Henan Province(232102210045,232102210124),Songshan Laboratory Sponsorship Project(232102210124) and Songshan Laboratory Pre-Research Project(YYYY032022005).

PDF (PC)

265

Abstract: Mobile devices usually access WLAN and rely on WiFi encryption protocol to encrypt data link layer traffic in the network to maintain communication security.However,existing encrypted traffic identification methods mainly analyze traffic loads at the network layer and above,and cannot effectively identify the mobile service category of link layer encrypted traffic.To address this problem,a mobile service identification method based on link layer traffic in WiFi encryption scenarios is proposed.By passively sniffing WiFi data frames and extracting the traffic-side channel features available in the link layer,the traffic data is converted into a 2D histogram matrix.The recognition model,SE-Inception,is proposed by integrating the Inception network and SE-Attention mechanism,aiming to better capture the details and global information in the distribution features of traffic data frames,and highlighting the attention to important features to improve the recognition accuracy.In this paper,real datasets are used for experimental validation,and the results show that the method can effectively recognize the mobile service category of link-layer encrypted traffic in WiFi encryption scenarios,with an average accuracy of up to 98.29%,which is a better performance compared with the existing recognition methods.

Key words: WLAN, Link-layer encrypted traffic, Traffic identification, Inception, SE-attention

CLC Number: 

  • TP309
[1]CNNIC.The 52nd Statistical Report on China's Internet Deve-lopment [EB/OL].(2023-08-28)[2023-08-30].https://www.cnnic.cn/n4/2023/0828/c199-10830.html.
[2]LASHKARI A H,DANESH M M S,SAMADI B.A survey on wireless security protocols (WEP,WPA and WPA2/802.11 i)[C]//2009 2nd IEEE International Conference on Computer Science and Information Technology.IEEE,2009:48-52.
[3]Radware (2018).Global application and network security report[EB/OL].https://www.Datacomcz/userfiles/radware_ert_report_2017_2018_fifinal.pdf.
[4]RAO Q M,PENG Y B.Automatic Fingerprint Extraction Me-thod Based On DPI[J].Computer Applications and Software,2021,38(4):328-333.
[5]LIU Y,SONG T,LIAO L J.A Real-Time Mobile Traffic Classification Approach Based on Timing Sequence Flow[J].Transactions of Beijing Institute of Technology,2018,38(5):537-544.
[6]YAO H,RANJAN G,TONGAONKAR A,et al.Samples:Self adaptive mining of persistent lexical snippets for classifying mobile application traffic[C]//Proceedings of the 21st Annual International Conference on Mobile Computing and Networking.2015:439-451.
[7]HAN X,ZHOU Y,HUANG L,et al.Maximum entropy based IP-traffic classification in mobile communication networks[C]//2012 IEEE Wireless Communications and Networking Confe-rence(WCNC).IEEE,2012:2140-2145.
[8]WANG Q,YAHYAVI A,KEMME B,et al.I know what youdid on your smartphone:Inferring app usage over encrypted data traffic[C]//2015 IEEE Conference on Communications and Network Security (CNS).IEEE,2015:433-441.
[9]ZHANG F,HE W,LIU X,et al.Inferring users' online activities through traffic analysis[C]//Proceedings of the Fourth ACM Conference on Wireless Network Security.2011:59-70.
[10]YIN H D,ZHANG J Y,SHANG Q H.Classification and Recognition of Encrypted Traffic in Wireless Networks Based on Data Link Layer Features[J].Computer Measurement & Control,2021,29(5):220-224.
[11]LI J,MA X,GUODONG L,et al.Can we learn what people are doing from raw DNS queries?[C]//IEEE INFOCOM 2018-IEEE Conference on Computer Communications.IEEE,2018:2240-2248.
[12]VAN EDE T,BORTOLAMEOTTI R,CONTINELLA A,et al.Flowprint:Semi-supervised mobile-app fingerprinting on encrypted network traffic[C]//Network and Distributed System Security Symposium (NDSS).2020.
[13]MONGKOLLUKSAMEE S,VISOOTTIVISETH V,FUKUDA K.Enhancing the performance of mobile traffic identification with communication patterns[C]//2015 IEEE 39th Annual Computer Software and Applications Conference.IEEE,2015:336-345.
[14]BAGUI S,FANG X,KALAIMANNAN E,et al.Comparison of machine-learning algorithms for classification of VPN network traffic flow using time-related features[J].Journal of Cyber Security Technology,2017,1(2):108-126.
[15]TAYLOR V F,SPOLAOR R,CONTI M,et al.Robust smartphone app identification via encrypted network traffic analysis[J].IEEE Transactions on Information Forensics and Security,2017,13(1):63-78.
[16]SALTAFORMAGGIO B,CHOI H,JOHNSON K,et al.Eavesdropping on {Fine-Grained} user activities within smartphone apps over encrypted network traffic[C]//10th USENIX Workshop on Offensive Technologies (WOOT 16).2016.
[17]GUO L,WU Q,LIU S,et al.Deep learning-based real-time VPN encrypted traffic identification methods[J].Journal of Real-Time Image Processing,2020,17:103-114.
[18]XIAO X,XIAO W,LI R,et al.EBSNN:extended byte segment neural network for network traffic classification[J].IEEE Transactions on Dependable and Secure Computing,2021,19(5):3521-3538.
[19]ACETO G,CIUONZO D,MONTIERI A,et al.Encrypted multi-task traffic classification via multimodal deep learning[C]//IEEE International Conference on Communications.IEEE,2021:1-6.
[20]HU X,GU C,WEI F.CLD-Net:a network combining CNN and LSTM for internet encrypted traffic classification[J].Security and Communication Networks,2021,2021:1-15.
[21]CHEN M H,ZHU Y F,LU B,et al.Classification of Application Type of Encrypted Traffic Based on Attention-CNN[J].Computer Science,2021,48(4):325-332.
[22]LI Q,SHI W,SUN J P,et al.The research of network trafficidentification based on convolutional neural network[J].Journal of Sichuan University(Natural Science Edition),2017,54(5):959-964.
[23]CHEN X J,WANG P,YU J H.CNN based entrypted trafficidentification method[J].Journal of Nanjing University of Posts and Telecommunications(Natural Science Edition),2018,38(6):36-41.
[1] HU Jing-hui, XU Peng. Automatic Classification of Aviation Fastener Products Based on Image Classification [J]. Computer Science, 2021, 48(6A): 63-66.
[2] ZHOU Yi-min, LIU Fang-zheng , WANG Yong. IPSec VPN Encrypted Traffic Identification Based on Hybrid Method [J]. Computer Science, 2021, 48(4): 295-302.
[3] GUAN Zheng, LYU Wei, JIA Yao, YANG Zhi-jun. Research on Two-level Scheduled In-band Full-duplex Media Access Control Mechanism [J]. Computer Science, 2021, 48(11A): 464-470.
[4] WANG Ge-ge, GUO Tao, LI Gui-yang. Multi-layer Perceptron Deep Convolutional Generative Adversarial Network [J]. Computer Science, 2019, 46(9): 243-249.
[5] WANG Li, XIA Ming-shan, WEI Zhan-chen, QI Fa-zhi, CHEN Gang. Security of User Access to Single SSID Wireless Network [J]. Computer Science, 2019, 46(11A): 405-408.
[6] WANG Dong, YUAN Wei, WU Di. Monitoring System for Library Environment Based on WiFi Internet of Things [J]. Computer Science, 2018, 45(11A): 532-534.
[7] GAO Wan-ling, HONG Mei, YANG Qiu-hui and ZHAO He. Efficiency Analysis of Different Statistical Algorithms on Statistical Model Checking [J]. Computer Science, 2017, 44(Z6): 499-503.
[8] SHI Zhi-kai and ZHU Guo-sheng. WF-C4.5:Handheld Terminal Traffic Identification Method Based on C4.5 Decision Tree in WiFi Environment [J]. Computer Science, 2017, 44(Z6): 270-273.
[9] WANG Yue. Impact of Path Loss Exponent on Interference and Carrier Sensing Performance Metrics of 802.11 WLANs [J]. Computer Science, 2017, 44(7): 84-88.
[10] WANG Chun-zhi, ZHANG Hui-li and YE Zhi-wei. Peer-to-Peer Traffic identification Method Based on Chaos Particle Swarm Algorithm and Wavelet SVM [J]. Computer Science, 2015, 42(10): 117-121.
[11] LIU Yi, YE Yuan-hang and LING Jie. Transmission Interference Prediction Approach in WLAN Channel [J]. Computer Science, 2015, 42(10): 106-112.
[12] YE Jin,LI Tao-shen,WANG Zheng-fei and ZHANG Xiang-li. Defense Mechanism against Misbehavior of MAC Layer in WLAN [J]. Computer Science, 2013, 40(12): 90-93.
[13] XIE Dai-jun,HU Han-ying and KONG Fan-zeng. Indoor Positioning Algorithm for WLAN Based on Distribution Overlap and Feature Weighting [J]. Computer Science, 2013, 40(11): 38-42.
[14] . Research on P2P Traffic Identification Based on K-means Ensemble and SVM [J]. Computer Science, 2012, 39(4): 46-48.
[15] . Entropy of Characteristics Based Anomaly Traffic Identification Technique [J]. Computer Science, 2012, 39(12): 38-41.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.