Deep learning-based real-time VPN encrypted traffic identification methods
Tóm tắt
With the widespread application of virtual private network (VPN) technology, real-time VPN traffic identification has become an increasingly important task in network management and security maintenance. Since traditional encrypted traffic identification technology is not effective in feature extraction and selection, this paper proposes two deep learning-based models to classify the traffic into VPN and non-VPN traffic, identify VPN traffic generated by six different applications much further. Our models utilize convolutional auto-encoding (CAE) and convolutional neural network (CNN), respectively, preprocessing the traffic samples into session pictures, to accomplish the experiment objectives. The CAE-based method, utilizing the unsupervised nature of CAE to extract the hidden layer features, can automatically learn the nonlinear relationship between original input and expected output. The CNN-based method performs well in extracting two-dimensional local features of images. Experimental results show that our models perform better than traditional identification methods. In the two-category identification, the best result comes from the CAE-based model; the overall identification accuracy rate is 98.77%. Among the six-category identification, the best result comes from CNN-based model; the overall identification accuracy rate is 92.92%.
Tài liệu tham khảo
Wubin, P., Guang, C., Xiaojun, G., et al.: Review and perspective on encrypted traffic identification research[J]. Trans. Commun. 37(9), 154–167 (2016) (in Chinese)
Qi, L., Zhou, Z., Jiguo, Yu., Liu, Q.: Data-sparsity tolerant web service recommendation approach based on improved collaborative filtering. IEICE Trans. Inf. Syst. E100D(9), 2092–2099 (2017)
Wei, W., Zhang, H., Li, B., et al.: Active Identification of VPN server based on correlation detecting[J]. Ind. Control Comput. 30(3), 111–112 (2017) (in Chinese)
Draper-Gil, G., Lashkari, A.H., Mamun, M.S.I., et al.: Characterization of encrypted and VPN traffic using time-related features. In: Proceedings of the 2nd International Conference on Information Systems Security and Privacy (ICISSP 2016), pp. 407–414 (2016)
Bagui, S., Fang, X., Kalaimannan, E., et al.: Comparison of machine-learning algorithms for classification of VPN network traffic flow using time-related features. J. Cyber Secur. Technol. 1(2), 108–126 (2017)
Yamansavascilar, B., Guvensan, M.A., Yavuz, A.G., et al.: Application identification via network traffic classification. In: IEEE International Conference on Computing, Networking and Communications (ICNC). IEEE, pp. 843–848 (2017)
Wang, Z.: The applications of deep learning on traffic identification[J]. BlackHat USA, 24p (2015)
Lotfollahi, M., Siavoshani, M.J., Zade, R.S.H., et al.: Deep packet: a novel approach for encrypted traffic classification using deep learning. Soft. Comput. (2017). https://doi.org/10.1007/s00500-019-04030-2
Wang, W., Zhu, M., Wang, J., et al.: End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, pp. 43–48 (2017)
Li, D., Zhu, Y., Lin. W.: Mobile app traffic identification based on visual perception feature[J]. J. Comput. App. 2019(4) (in Chinese)
Chen, X., Wang, P., Yu, J.: CNN based encrypted traffic identification method. J. Nanjing Univ. Posts Telecommun. Nat. Sci. Edn. (2018). https://doi.org/10.14132/j.cnki.1673-5439.2018.06.006
Wang, P., Chen, X.: SAE-based encrypted traffic identification method. Comput. Eng. 44(11), 140–147 (2018). https://doi.org/10.19678/j.issn.1000-3428.0052059
Wang, W., Zhu, M., Zeng, X., et al.: Malware traffic classification using convolutional neural network for representation learning. In: 2017 International Conference on Information Networking (ICOIN). IEEE, pp. 712–717 (2017)
Jia, Q., Wang, X., Zhou, L., et al.: New Local feature description algorithm based on improved convolutional auto-encoder[J]. Comput. Eng. Appl. 53(19), 184–191 (2017) (in Chinese)
Zhao, J., Mathieu, M., Goroshin, R., et al.: Stacked what-where auto-encoders[J] (2015). http://arXiv.org/abs/1506.02351
Xu, F., Zhang, X., Xin, Z., et al.: Investigation on the Chinese text sentiment analysis based on convolutional neural networks in deep learning[J]. Comput. Mater. Contin 58(3), 697–709 (2019)
Pan, L., Qin, J., Chen, H., et al.: Image augmentation-based food recognition with convolutional neural networks[J]. CMC Comput. Mater. Contin. 59(1), 297–313 (2019)
Liu, Z., Xiang, B., Song, Y., et al.: An improved unsupervised image segmentation method based on multi-objective particle swarm optimization clustering algorithm[J]. CMC Comput. Mater. Contin. 58(2), 451–461 (2019). (ISBN:978-1-4503-0000-0/18/06)
Hong, X., Zheng, X., Xia, J., et al.: Cross-lingual non-ferrous metals related news recognition method based on CNN with a limited bi-lingual dictionary[J]. Comput. Mater. Contin. 58(2), 379–389 (2019)
Rezaei, S., Liu, X.: Deep learning for encrypted traffic classification: an overview. IEEE Commun. Mag. 57(5), 76–81 (2019)
Glorot, X., Bengio, Y.: Understanding the difficulty of training deep feedforward neural networks. In: Proceedings of the thirteenth international conference on artificial intelligence and statistics, pp 249–256 (2010)
Zhou, Z., Mu, Y., Wu, Q.M.J.: Coverless Image steganography using partial-duplicate image retrieval[J]. Soft Comput. 23(13), 4927–4938 (2019)
Zhou, Z., Wu, J.Q.M., Sun, X.: Multiple distances-based coding: toward scalable feature matching for large-scale web image search. IEEE Trans Big Data (2019). https://doi.org/10.1109/tbdata.2019.2919570
Yildirim, T., Radcliffe, P.J.: VoIP traffic classification in IPSec tunnels. In: 2010 International Conference on Electronics and Information Engineering. IEEE, Vol 1, pp V1-151–V1-157 (2010)
Ximenes, E., Yeo, K.C., Azam, S., et al.: Performance analysis of various encryption techniques in communication network[J]. Asian J. Inf. Technol. 16(1), 125–130 (2017)
Singh, K.K.V.V., Gupta, H.: A new approach for the security of VPN. In: Proceedings of the Second International conference on Information and Communication Technology for Competitive Strategies. ACM, 13p (2016)