Skip to main content
SpringerLink
Log in

Higher Layers, Better Results: Application Layer Feature Engineering in Encrypted Traffic Classification

  • Conference paper
  • First Online:
Wireless Algorithms, Systems, and Applications (WASA 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13472))

  • 1290 Accesses

Abstract

Encrypted traffic has become the primary carrier of network transmission, and encrypted traffic classification is essential for advanced network management and security protection. Existing studies mainly focus on encrypted traffic feature engineering and classification model design, aiming to select more expressive features from encrypted traffic and achieve high-performance classification. The most commonly used features in the feature engineering process are statistical features and sequence features obtained in network or transport layers, which are more inclined to represent the factors of network transmission rather than the data attributes of applications or services. As a result, the relevance of the features and application or services is not strong, leading to unsatisfactory performance. To solve this problem, we introduce the Application Data Unit (ADU) and put forward the application layer feature engineering, which uses the features of the highest protocol level - the application layer to achieve better HTTPS classification. In order to compare the classification effects of features of different layers, we carried out experiments on traditional machine learning models based on statistical features and deep learning models based on sequence features, respectively. The results show that the proposed ADU features are better than the segment granularity features of the TLS layer and far better than the packet granularity features both in statistical and length sequence features. The average F1-score increase in the encrypted traffic application classification scenario is more than 10%.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Bagui, S., Fang, X., Kalaimannan, E., Bagui, S.C., Sheehan, J.: Comparison of machine-learning algorithms for classification of VPN network traffic flow using time-related features. J. Cyber Secur. Technol. 1(2), 108–126 (2017)

    Article  Google Scholar 

  2. Chen, Z., Cheng, G., Jiang, B., Tang, S., Guo, S., Zhou, Y.: Length matters: Fast internet encrypted traffic service classification based on multi-PDU lengths. In: 2020 16th International Conference on Mobility, Sensing and Networking (MSN), pp. 531–538 (2020)

    Google Scholar 

  3. Chen, Z., Cheng, G., Xu, Z., Guo, S., Zhou, Y., Zhao, Y.: Length matters: Scalable fast encrypted internet traffic service classification based on multiple protocol data unit length sequence with composite deep learning. Digit. Commun. Netw. 8, 289–302 (2021)

    Google Scholar 

  4. Google: HTTPS encryption on the web - Google Transparency Report (2022). https://transparencyreport.google.com/https/overview

  5. Liu, C., He, L., Xiong, G., Cao, Z., Li, Z.: FS-Net: a flow sequence network for encrypted traffic classification. In: IEEE INFOCOM 2019 - IEEE Conference on Computer Communications, pp. 1171–1179 (2019)

    Google Scholar 

  6. Lotfollahi, M., Siavoshani, M.J., Zade, R.S.H., Saberian, M.: Deep packet: A novel approach for encrypted traffic classification using deep learning. Soft. Comput. 24(3), 1999–2012 (2020)

    Article  Google Scholar 

  7. Shi, Y., Ross, A., Biswas, S.: Source identification of encrypted video traffic in the presence of heterogeneous network traffic. Comput. Commun. 129(Sep.), 101–110 (2018)

    Google Scholar 

  8. Wang, W., Zhu, M., Wang, J., Zeng, X., Yang, Z.: End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 43–48. IEEE (2017)

    Google Scholar 

  9. Xie, G., Li, Q., Jiang, Y.: Self-attentive deep learning method for online traffic classification and its interpretability. Comput. Netw. 196, 108267 (2021)

    Article  Google Scholar 

  10. Yang, B., Liu, D.: Research on network traffic identification based on machine learning and deep packet inspection. In: 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC), pp. 1887–1891 (2019)

    Google Scholar 

  11. Yao, H., Liu, C., Zhang, P., Wu, S., Jiang, C., Yu, S.: Identification of encrypted traffic through attention mechanism based long short term memory. IEEE Trans. Big Data 8, 241–252 (2019)

    Google Scholar 

Download references

Acknowledgement

This paper is supported by the General Program of the National Natural Science Foundation of China under Grant No. 62172093.

Author information

Authors and Affiliations

  1. School of Cyber Science and Engineering, Southeast University, Nanjing, 211189, China

    Zihan Chen, Guang Cheng, Zijun Wei, Ziheng Xu, Nan Fu & Yuyang Zhou

  2. International Governance Research Base of Cyberspace (Southeast University), Nanjing, 211189, China

    Zihan Chen, Guang Cheng, Zijun Wei, Ziheng Xu, Nan Fu & Yuyang Zhou

  3. Jiangsu Provincial Engineering Research Center of Security for Ubiquitous Network, Nanjing, 211189, China

    Zihan Chen, Guang Cheng, Zijun Wei, Ziheng Xu, Nan Fu & Yuyang Zhou

Authors
  1. Zihan Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Guang Cheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zijun Wei
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ziheng Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Nan Fu
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Yuyang Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Guang Cheng .

Editor information

Editors and Affiliations

  1. Dalian University of Technology, Dalian, China

    Lei Wang

  2. Ben-Gurion University of the Negev, Beer-Sheva, Israel

    Michael Segal

  3. Chang Gung University, Taiwan, China

    Jenhui Chen

  4. Tianjin University, Tianjin, China

    Tie Qiu

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Chen, Z., Cheng, G., Wei, Z., Xu, Z., Fu, N., Zhou, Y. (2022). Higher Layers, Better Results: Application Layer Feature Engineering in Encrypted Traffic Classification. In: Wang, L., Segal, M., Chen, J., Qiu, T. (eds) Wireless Algorithms, Systems, and Applications. WASA 2022. Lecture Notes in Computer Science, vol 13472. Springer, Cham. https://doi.org/10.1007/978-3-031-19214-2_46

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-19214-2_46

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-19213-5

  • Online ISBN: 978-3-031-19214-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation