Deep packet: a novel approach for encrypted traffic classification using deep learning

Network traffic classification has become more important with the rapid growth of Internet and online applications. Numerous studies have been done on this topic which have led to many different approaches. Most of these approaches use predefined features extracted by an expert in order to classify...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:Soft computing (Berlin, Germany) Ročník 24; číslo 3; s. 1999 - 2012
Hlavní autori: Lotfollahi, Mohammad, Jafari Siavoshani, Mahdi, Shirali Hossein Zade, Ramin, Saberian, Mohammdsadegh
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Berlin/Heidelberg Springer Berlin Heidelberg 01.02.2020
Springer Nature B.V
Predmet:
Access control
Accuracy
Artificial Intelligence
Artificial neural networks
Classification
Communications traffic
Computational Intelligence
Control
Data encryption
Datasets
Deep learning
Engineering
Feature extraction
Identification
Internet service providers
Machine learning
Mathematical Logic and Foundations
Mechatronics
Methodologies and Application
Methods
Neural networks
Privacy
Protocol
Robotics
Statistical analysis
Streaming media
Virtual private networks
Deep learning
Stacked autoencoder
Deep Packet
Application identification
Convolutional neural networks
Network traffic classification
Traffic characterization
ISSN:1432-7643, 1433-7479
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:Network traffic classification has become more important with the rapid growth of Internet and online applications. Numerous studies have been done on this topic which have led to many different approaches. Most of these approaches use predefined features extracted by an expert in order to classify network traffic. In contrast, in this study, we propose a deep learning -based approach which integrates both feature extraction and classification phases into one system. Our proposed scheme, called “Deep Packet,” can handle both traffic characterization in which the network traffic is categorized into major classes (e.g., FTP and P2P) and application identification in which identifying end-user applications (e.g., BitTorrent and Skype) is desired. Contrary to most of the current methods, Deep Packet can identify encrypted traffic and also distinguishes between VPN and non-VPN network traffic. The Deep Packet framework employs two deep neural network structures, namely stacked autoencoder (SAE) and convolution neural network (CNN) in order to classify network traffic. Our experiments show that the best result is achieved when Deep Packet uses CNN as its classification model where it achieves recall of 0.98 in application identification task and 0.94 in traffic categorization task. To the best of our knowledge, Deep Packet outperforms all of the proposed classification methods on UNB ISCX VPN-nonVPN dataset.
Bibliografia:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1432-7643
1433-7479
DOI:10.1007/s00500-019-04030-2