Skip to main content
Springer Nature Link
Log in

Progress in Study of Encrypted Traffic Classification

  • Conference paper
Trustworthy Computing and Services (ISCTCS 2012)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 320))

Included in the following conference series:

  • 3376 Accesses

Abstract

The rapid increase in encrypted network traffic recently has becomeagreat challenge for network management, and study of encrypted traffic classification provides basic technical support for effective network management and network security. The basis and problems of encrypted traffic classification are introduced first. Next, the main research progresses of encrypted traffic classification are summarized. Finally, the future trend is put forward.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Dornger, P.: Real-Time Detection of Encrypted Traffic based on Entropy Estimation, Master Thesis (2010)

    Google Scholar 

  2. Nguyen, T., Armitage, G.: A Survey of Techniques for Internet TrafficClassification using Machine Learning. IEEE Communications Surveysand Tutorials 10(4), 56–76 (2008)

    Article  Google Scholar 

  3. Lu, Y., Zhu, Y.: Correlation-Based Traffic Analysis on Encrypted VoIP Traffic. IEEE Journal on Parallel and Distributed Systems, 45–48 (2010)

    Google Scholar 

  4. Alshammari, R., Zincir-Heywood, A.N.: Machine Learning Based Encrypted Traffic Classification: Identifying SSH and Skype. In: Proceedings of the 2009 IEEE Symposium on Computation Intelligence in Security and Defense Applications, Ottawa (2009)

    Google Scholar 

  5. Bacquet, C., Gumus, K., Tizer, D., Zincir-Heywood, A.N., Heywood, M.I.: A Comparison of Unsupervised Learning Techniques for Encrypted Traffic Identification. Journal of Information Assurance and Security 5, 464–472 (2010)

    Google Scholar 

  6. Tan, X., Su, X., Qian, Q.: The Classification of SSH Tunneled Traffic Using Maximum Likelihood Classifier. In: 2011 International Conference on Electronics, Communications and Control, ICECC (2011)

    Google Scholar 

  7. Hjelmvik, E., John, W.: Breaking and Improving Protocol Obfuscation.Technical report, Chalmers University of Technology (2010)

    Google Scholar 

  8. Yildirim, T., Radcliffe, P.: VoIP Traffic Classification in IPSec Tunnels. In: 2010 International Conference on Electronics and Information Engineering, ICEIE (2010)

    Google Scholar 

  9. White, A., Matthews, A., Snow, K., Monrose, F.: Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on fon-iks. In: IEEE Symposium on Security and Privacy (SP), pp. 3–18 (2011)

    Google Scholar 

  10. Wright, C.V., Monrose, F., Masson, G.M.: Using Visual Motifs to Classify Encrypted Traffic. In: Proceedings of the 3rd International Workshop on Visualization for Computer Security, VizSEC 2006 (2006)

    Google Scholar 

  11. Bacquet, C., Zincir-Heywood, A.N., Heywood, M.I.: Genetic Optimization and Hierarchical Clustering applied to Encrypted Traffic Identification. In: IEEE Symposium on Computational Intelligence on Cyber Security, pp. 194–201 (2011)

    Google Scholar 

  12. Crotti, M., Gringoli, F., Salgarelli, L.: Impact of Asymmetric Routing on Statistical Traffic Classification. In: Proceedings of the 7th IEEE Global Communications Conference (GLOBECOMM 2009), Honolulu, USA (2009)

    Google Scholar 

  13. Nguyen, T., Armitage, G.: Training on multiple sub-flows to optimizethe use of Machine Learning classifiers in real-world IP networks. In: Proc. IEEE 31st Conference on Local Computer Networks,Tampa,Florida, USA (2006)

    Google Scholar 

  14. Crotti, M., Gringoli, F., Salgarelli, L.: Optimizing Statistical Classifiers of Network Traffic. In: Proceedings of the 6th Wireless Communications & Mobile Computing Conference (IWCMC 2010), Caen, France (2010)

    Google Scholar 

  15. Wright, C., Coulls, S., Monrose, F.: Traffic Morphing: An efficient defense against statistical traffic analysis. In: Proceedings of the 14th Annual Network and Distributed Systems Symposium, NDSS (2009)

    Google Scholar 

  16. Moghaddam, H.M., Li, B., Derakhshani, M., Goldberg, I.: SkypeMorph: ProtocolObfuscation for Tor Bridges. Technical report, University of Waterloo (2012)

    Google Scholar 

  17. Tor Project, https://www.torproject.org/

  18. Canini, M., Li, W., Moore, A.W., Bolla, R.: GTVS: Boosting the Collection of Application Traffic Ground Truth. In: Papadopouli, M., Owezarski, P., Pras, A. (eds.) TMA 2009. LNCS, vol. 5537, pp. 54–63. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  19. Dusi, M., Gringoli, F., Salgarelli, L.: Quantifying the accuracy of the ground truth associated with Internet traffic traces. Elsevier Computer Networks (COMNET) 55(5), 1158–1167 (2011)

    Article  Google Scholar 

  20. Karagiannis, T., Papagiannaki, K., Faloutsos, M.: BLINC: Multilevel Traffic Classification in the Dark. In: Proc. of the Special Interest Group on Data Communication Conference (SIGCOMM 2005), Philadelphia, PA, USA (2005)

    Google Scholar 

  21. Hurley, J., Garcia-Palacios, E., Sezer, S.: Host-based P2P flow identification and use in real-time. ACM Trans. Web 5(2), Article 7, 27 pages (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Computer Network Emergency Response Technical Team / Coordination Center of China, China

    Shoufeng Cao

  2. Institute of Information Engineering, Chinese Academy of Science, China

    Gang Xiong & Li Guo

  3. Key Laboratory of Trustworthy Distributed Computing and Service (BUPT), Ministry of Education, Beijing, China

    Zigang Cao

Authors
  1. Zigang Cao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shoufeng Cao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Gang Xiong
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Li Guo
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Beijing University of Posts and Telecommunications, Beijing, China

    Yuyu Yuan  & Xu Wu  & 

  2. The School of Telecommunications Engineering, Beijing University of Posts and Telecommunications Beijing, P. O. Box 128, 100876, Beijing, China

    Yueming Lu

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cao, Z., Cao, S., Xiong, G., Guo, L. (2013). Progress in Study of Encrypted Traffic Classification. In: Yuan, Y., Wu, X., Lu, Y. (eds) Trustworthy Computing and Services. ISCTCS 2012. Communications in Computer and Information Science, vol 320. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35795-4_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35795-4_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35794-7

  • Online ISBN: 978-3-642-35795-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics