Abstract
Encrypted traffic has become the primary carrier of network transmission, and encrypted traffic classification is essential for advanced network management and security protection. Existing studies mainly focus on encrypted traffic feature engineering and classification model design, aiming to select more expressive features from encrypted traffic and achieve high-performance classification. The most commonly used features in the feature engineering process are statistical features and sequence features obtained in network or transport layers, which are more inclined to represent the factors of network transmission rather than the data attributes of applications or services. As a result, the relevance of the features and application or services is not strong, leading to unsatisfactory performance. To solve this problem, we introduce the Application Data Unit (ADU) and put forward the application layer feature engineering, which uses the features of the highest protocol level - the application layer to achieve better HTTPS classification. In order to compare the classification effects of features of different layers, we carried out experiments on traditional machine learning models based on statistical features and deep learning models based on sequence features, respectively. The results show that the proposed ADU features are better than the segment granularity features of the TLS layer and far better than the packet granularity features both in statistical and length sequence features. The average F1-score increase in the encrypted traffic application classification scenario is more than 10%.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bagui, S., Fang, X., Kalaimannan, E., Bagui, S.C., Sheehan, J.: Comparison of machine-learning algorithms for classification of VPN network traffic flow using time-related features. J. Cyber Secur. Technol. 1(2), 108–126 (2017)
Chen, Z., Cheng, G., Jiang, B., Tang, S., Guo, S., Zhou, Y.: Length matters: Fast internet encrypted traffic service classification based on multi-PDU lengths. In: 2020 16th International Conference on Mobility, Sensing and Networking (MSN), pp. 531–538 (2020)
Chen, Z., Cheng, G., Xu, Z., Guo, S., Zhou, Y., Zhao, Y.: Length matters: Scalable fast encrypted internet traffic service classification based on multiple protocol data unit length sequence with composite deep learning. Digit. Commun. Netw. 8, 289–302 (2021)
Google: HTTPS encryption on the web - Google Transparency Report (2022). https://transparencyreport.google.com/https/overview
Liu, C., He, L., Xiong, G., Cao, Z., Li, Z.: FS-Net: a flow sequence network for encrypted traffic classification. In: IEEE INFOCOM 2019 - IEEE Conference on Computer Communications, pp. 1171–1179 (2019)
Lotfollahi, M., Siavoshani, M.J., Zade, R.S.H., Saberian, M.: Deep packet: A novel approach for encrypted traffic classification using deep learning. Soft. Comput. 24(3), 1999–2012 (2020)
Shi, Y., Ross, A., Biswas, S.: Source identification of encrypted video traffic in the presence of heterogeneous network traffic. Comput. Commun. 129(Sep.), 101–110 (2018)
Wang, W., Zhu, M., Wang, J., Zeng, X., Yang, Z.: End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 43–48. IEEE (2017)
Xie, G., Li, Q., Jiang, Y.: Self-attentive deep learning method for online traffic classification and its interpretability. Comput. Netw. 196, 108267 (2021)
Yang, B., Liu, D.: Research on network traffic identification based on machine learning and deep packet inspection. In: 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC), pp. 1887–1891 (2019)
Yao, H., Liu, C., Zhang, P., Wu, S., Jiang, C., Yu, S.: Identification of encrypted traffic through attention mechanism based long short term memory. IEEE Trans. Big Data 8, 241–252 (2019)
Acknowledgement
This paper is supported by the General Program of the National Natural Science Foundation of China under Grant No. 62172093.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Chen, Z., Cheng, G., Wei, Z., Xu, Z., Fu, N., Zhou, Y. (2022). Higher Layers, Better Results: Application Layer Feature Engineering in Encrypted Traffic Classification. In: Wang, L., Segal, M., Chen, J., Qiu, T. (eds) Wireless Algorithms, Systems, and Applications. WASA 2022. Lecture Notes in Computer Science, vol 13472. Springer, Cham. https://doi.org/10.1007/978-3-031-19214-2_46
Download citation
DOI: https://doi.org/10.1007/978-3-031-19214-2_46
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-19213-5
Online ISBN: 978-3-031-19214-2
eBook Packages: Computer ScienceComputer Science (R0)